[Mailman-Users] Spam / Email Spoofing Problem (SPF check possible?)

[Mark Sapiro]

On 4/5/19 10:59 AM, Valentin Schwarze via Mailman-Users wrote:
> 
> I am the administrator of some mailman lists of the student self-administration of our university. We happend to have some spam issues on our mailman lists. These spammers were able to send emails on our lists through mail spoofing (only faking the From: field in the header is sufficient to get accepted). With a faked sender email adress, which was in accept_these_nonmembers of the list, they were to send spam mails on the lists.
> 
> Are there any settings that we as administrators of the list could change to end that behavior? For example, is it possible in any way, that Mailman only accepts emails that passed a SPF check? Or any other option to prevent email with forged sender adresses to be distributed through the mailman list?


These kinds of tests are better implemented in the incoming MTA before
the mail ever gets to Mailman.

Mailman itself, without code modification or implementation of a custom
handler (see <https://wiki.list.org/x/4030615>), has no way to check
things like SPF.

You can use Privacy options... -> Spam filters ->
header_filter_rules to take various actions based on regexp matches
against message headers. This can be useful if you can identify things
that separate the spam from the ham. Also, if you want to do certain
tests in the MTA, but not reject the mail at SMTP time, you can have the
MTA add a header which is checked by header_filter_rules.

-- 
Mark Sapiro <mark at msapiro.net>        The highway is for gamblers,
San Francisco Bay Area, California    better use your sense - B. Dylan