[Mailman-Users] Newbie - many questions and ideas but mostly how to kill the SPAM

[Simon Waters]

Hi,

first post here - so be gentle.

Mailman is great by the way - I just want some ideas to make my
life easier!

Background.

I am a list-manager (I believe it is the right term) I have
delegated to me a couple of lists from the gnu.org mailman
installation (info-gnu-chess, bug-gnu-chess, they use a fairly
recent version of 2 I believe but not bang up to date last time
I checked).

Unlike many Mailman users these are both open lists (i.e. anyone
can report bugs!), and have various NNTP gateway facilities to
"gnu.chess". We have a spam double whammy - newsgroups and a
well known and widely spammed email addresses for both lists.

We also prefer to allow attachments, usually patches for
testing.

The lists are very low volume - so the noise to signal ratio is
tending to zero!

So I get a lot of spam, and recently a lot of Klez viruses
(probably approaching 3 or 4 per list per day), and if not
caught (we have a temporary 10KB message limit) about 3 MDaemon
'your message was infected' responses to every message.


Questions and Comments.

1. Can a regular expression be fatal rather than just requiring
moderation. I have a number of rules with 100% hit rate - such
as trapping all messages flagged as coming from open relays. But
the mail admins refuse to drop such mail at the MTA level alas.

2. How would I write a regular expression in Mailman Privacy
options to trap Korean characters in the subject line, use of 8
bit ASCII characters, or even all subjects containing Ä (Capital
A umlaut) would be sufficient.

3. Does better documentation on the regular expression handling
exist, currently only one example is given for a "from:" header.
Maybe I'm being thick, but regex regular expressions are pretty
involved and depend on things like NLS, and I'm fairly sure that
Mailman is doing a simplified versions. Or must I read the
source?

4. Does anywhere collect and share good anti-spam regular
expressions ?

Enhancements?

5. When moderating a big list of messages an optional short view
would be nice. The current scheme is unwieldy when you have 120
messages to delete. An HTML table with radio button reject
control, sender, subject, date, reason (abbreviated if need be).
Or just a toggle to drop the big text fields? Anything that gets
use more than 1.5 messages per screen. 10 or 20 per screen would
be really nice!

6. Including the REGEX in the rejection reason would aid writing
good regex.

7. A regex test would be handy - although I guess you'd have to
apply it to archive messages or some such to get test data.

8. A date sanity check - moderate or bounce misdated messages (I
guess I can use REGEX if I'm clever), a lot of the spam has
dates in the future or distant past. We already have archives to
2034 and not much of it is useful. Anything more than two days
ahead of current system time is clearly junk IMHO ;)

 Any other hints on killing spam/klez/bounces appreciated.

 Simon







-- 
"Don't get me started on intuitive. You know what's intuitive?
Fear of heights. Everything else we call intuitive, such as
walking or using a pencil took years of practice." - Don Norman