[Tutor] Ethics in programming

[dman]

On Wed, Jan 16, 2002 at 02:29:41PM -0500, kirk Bailey wrote:
| Gang, I still amd thinking about how to handle large lists. and how to
| impede spam.

Check this out.  I just set up spamassassin on my system.  It is
really cool.  I have exim pipe all incoming messages through
spamassassin, and spamassassin gives it back with some headers added.
In my filter I then drop all messages tagged as spam into a junk
folder so I can double check it (in case it gives a false positive).

| I can use a method of a second alias to sent out the large list, and
| the original list is simply the address for that alias. TL become in
| effect a message processor, and the second alias handles the huge
| outbound list transmission. This is the method used by majordomo.
| However,  that second alias is totally open to spam input.

How about getting rid of the open alias?

In TinyList you will pipe the message to spamassassin, then read the
tagged message from its stdout.  Then you check the X-Spam-Flag:
header.  If that header exists, then spamassassin thinks the message
is spam.  In that case you drop it somewhere for the list admin to
verify that it is spam (this is so false positives can be corrected by
the admin).  If the message isn't spam, you continue by piping it to
your MTA with the list of recipient addresses.

| This uses the sendmail function :include: which when aliases are
| compiled by sendmail, includes the reference to the subscriber file in
| it's definition.

Why not have TinyList itself manage the subscriber list, instead of
sendmail.  No aliases are needed then, you just stick all the
addresses on the sendmail command line.  Something like :

# 'message' is a string-representation of the entire spam checked message

f = file( "subscriberlist" , "r" )
slist = f.readlines()
f.close()
slist = map( string.strip , slist ) # strip out the newlines
for subscriber in slist :
    bounce_addr = "bounce-<listname>=%s@<your_domain>" % \
            subscriber.replace( "@" , "=" )  # you get the idea
    pipe = os.popen( "sendmail" , "-f %s" % bounce_addr , subscriber )
    # check for errors returned from the pipe!
    pipe.write( message )
    pipe.close()


I think you get the idea here.  In this setup each subscriber gets
their own copy of the message (no long recipient lines) and bounces
are sent back to you for processing by your bot (which you have yet to
write).

-D

-- 

Contrary to popular belief, Unix is user friendly.
It just happens to be selective about who it makes friends with.
                                               -- Dave Parnas