[Mailman-Developers] Google Summer of Code - Spam Defense

Cristóbal Palmer cmpalmer at metalab.unc.edu
Sat Mar 29 19:37:36 CET 2008


On Sat, Mar 29, 2008 at 01:12:59PM -0500, Robby Griffin wrote:
>> How/where do I stop that?
>
> How is that backscatter? Looks like plain old spam to me (addressed
> to a -owner address, which forwarded to postmaster

But it shouldn't go to postmaster!

  /usr/local/mailman/bin/list_owners cc-co

shows me three addresses, all of which are @gmail.com addresses.

> , which forwarded to you),

postmaster does forward to me, yes.

> and your (three!) SpamAssassins 

two. One on malecky (the list machine), and one on garp. The third
machine doesn't come into play here.

> let it through. Though one
> of them did score it high enough to be marked as spam, you don't
> seem to have anything between the world and your inbox that actually
> blocks spam...

Not true. Mail to lists (but apparently not owners) now gets discarded
if it has been tagged as spam.

Furthermore, I have procmail rules in place in two places that drop
mail above a certain threshold and quarantine a middle batch.

> If it helps, I have one setup where I have to discard high-scoring
> spam with procmail on its way into my inbox, and another where I
> modified SA to add a user-configurable threshold for tagging
> "extreme" spam so I could discard it within the MTA.

I don't discard anything at the MTA, but otherwise you've got close to
what I've got. What I'm missing here is the step where the mail went
from going to one of the three list admins (again, all at gmail) to
going to me. Where was the forgery? How did mailman (or was it
postfix?) get duped?

Cheers,
-- 
Cristóbal Palmer
ibiblio.org systems administrator