[Mailman-Developers] Absentee list owners become suicide mail-bombers
Barry Warsaw
barry at python.org
Mon Aug 18 19:09:17 EDT 2003
On Mon, 2003-08-18 at 10:51, John A. Martin wrote:
> What defenses does Mailman have against suicide mail-bomber attacks?
>
> The suicide mail-bomber has a number of list-owner addresses for which
> the receiving MTAs take delivery and subsequently send a "Mail
> Delivery Warning" mail message back to the list admin address which,
> of course, Mailman sends on to the list owner addresses and so forth.
>
> Pretty picture, no?
Indeed, but things are better for MM2.1. There, all bounces to -owner
addresses are directed to the site list's -bounces address, while the
site list -owner is directed to the loop-killer alias.
> Would it not be a good idea to rate-limit mail messages from the list
> admin address to the list-owner address(es)? And eventually, to block
> incoming admin mail?
It's an interesting idea. In my MM3 model, I want to unify normal list
rosters and admin rosters, such that we can do similar bounce processing
and registrations on admin addresses (not to mention archiving -owner
email!). Then it would be a small step to notify the site admins when
all -owners have been bounce disabled, and perhaps to do more
sophisticated actions such as disable/auto-reject all list traffic.
> Another problem I see frequently with absentee/negligent list owners
> is large accumulations of pending mail and requests. I have reason to
> suspect that many list owners direct their list-owner mail to
> /dev/null (or whatever the Windows equivalent is, these seem to be
> mostly Windows addicts). How about a monthly reminder for list owners
> that requires a positive response within a parameterized time or the
> list will be automatically disabled?
That and/or automatic disposition of held messages (i.e. auto-reject,
auto-discard, or <gasp> auto-approve).
-Barry
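
The two ideas in this exchange (rate-limiting automated notices to the -owner addresses, and escalating to the site admins once every owner is bounce-disabled) can be sketched together. This is an added example, not Mailman code and not from either poster; the class name, thresholds and action strings are all hypothetical.

```python
from collections import deque

class OwnerNoticeGuard:
    """Per-list guard on automated notices sent to -owner addresses (hypothetical)."""

    def __init__(self, owners, max_notices=5, window=3600, bounce_limit=3):
        self.owners = set(owners)
        self.max_notices = max_notices    # notices allowed per window
        self.window = window              # window length in seconds
        self.bounce_limit = bounce_limit  # bounces before an owner is disabled
        self.sent = deque()               # timestamps of forwarded notices
        self.bounces = {}                 # owner -> bounce count
        self.disabled = set()             # bounce-disabled owners
        self.blocked = False              # True once all owners are disabled

    def record_bounce(self, owner, now):
        """Register a bounce from an owner address and return the action to take."""
        if owner not in self.owners:
            return "ignore"
        if self.blocked:
            return "discard"              # loop is already cut; stay silent
        self.bounces[owner] = self.bounces.get(owner, 0) + 1
        if self.bounces[owner] >= self.bounce_limit:
            self.disabled.add(owner)
        if self.disabled == self.owners:
            self.blocked = True
            return "notify-site-admin"    # escalate exactly once
        return self.allow_notice(now)

    def allow_notice(self, now):
        """Sliding-window rate limit on notices forwarded to the owners."""
        if self.blocked:
            return "discard"
        while self.sent and now - self.sent[0] >= self.window:
            self.sent.popleft()           # drop timestamps outside the window
        if len(self.sent) >= self.max_notices:
            return "discard"
        self.sent.append(now)
        return "forward"

# Constructed sample: two absentee owners whose mailboxes bounce every notice,
# one bounce per minute, alternating between the two addresses.
OWNERS = ("a@example.org", "b@example.org")
LOOP = [(t * 60, OWNERS[t % 2]) for t in range(8)]

def replay(guard, events):
    """Feed (timestamp, owner) bounce events to the guard; return the actions."""
    return [guard.record_bounce(owner, now) for now, owner in events]
```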