[Mailman-Users] Spam to list-owner

Lindsay Haisley fmouse-mailman at fmp.com
Sat Dec 20 05:31:22 CET 2008 

On Fri, 2008-12-19 at 12:09 -0600, Brad Knowles wrote:
> That's certainly true, but that's no reason to push anti-spam processing 
> back to the point where you can't use SpamAssassin to refuse to accept the 
> message.  Even if you can't get 100% accuracy and 100% precision, you should 
> do all the anti-spam processing as early in the pipeline as you can, which 
> means putting them in the MTA and not Mailman.

I don't know, Brad.  I'm using courier for my MTA, which I like a great
deal, and it's extremely well engineered.  It comes with a mail
processing program called maildrop, kind of like procmail for adults,
which is very capable.  SpamAssassin is implemented for user accounts
using a global maildroprc, and this might be possible for lists as well
on a per-domain basis, but I don't know how useful that would be, and
I'd lose the advantage that SpamAssassin.py gives me in allowing a
"moderation margin" - a nice feature.  I'm sure you familiar with
Hentstridge's implementation for Mailman.
 
SpamAssassin has to do a fairly intensive examination of the mail body
and may reject based on this examination, but because of the way SMTP
works, it's a bad practice to wait until after the DATA section of a
mail transaction is complete to reject an email at the front door.  One
runs into, at very least, some theoretical logical conundrums, and even
though it might be arguably OK to reject spam for all "rcpt to"
recipients at once, it takes the choice away from individual users re.
how severe they want to filter for spam.  There are other
considerations.

So if I can't refuse potential spam at the SMTP front door, what
difference does it make whether it gets detected in Mailman or the MTA?
Mailman already has a SpamDetect module which is reasonably useless, and
discards (not rejects) spam internally.  What I'd really like is a way
to hook SpamAssassin, or a similarly effective tool, into Mailman so
that I can get a lot more fine-grained control and set meaningful
parameters on a per-list basis.  The further forward I shove it, the
harder it is to exercise this kind of control.

I'm always doing things with my servers which others tell me I shouldn't
do, and as long as I'm careful about security and efficiency I often end
up with some pretty elegant and flexible solutions.  And then people who
told me not to do these things want to know how I got things to work the
way I did ;-)

-- 
Lindsay Haisley       | "The difference between |     PGP public key
FMP Computer Services |  a duck is because one  |      available at
512-259-1190          |  leg is both the same"  | http://pubkeys.fmp.com
http://www.fmp.com    |       - Anonymous       |

More information about the Mailman-Users mailing list