[Mailman-Users] strange postings to non-existant lists

Bruce Harrison harrison at utm.edu
Tue Sep 8 16:12:16 CEST 2015 

Interesting, I may give SpamAssassin a look.  Thanks!
Mine are almost always mail to invalid lists.
My box talks to our local mail processor, which in turn runs off-campus thru the MS filters/scanners and on out.

Bruce
UTM

-----Original Message-----
From: Andrew Hodgson [mailto:andrew at hodgsonfamily.org] 
Sent: Tuesday, September 08, 2015 8:58 AM
To: Bruce Harrison; mailman-users at python.org
Subject: RE: strange postings to non-existant lists

Bruce Harrison  wrote:

>For the last month or two, I get anywhere from 3 or 4 to 20 to 30 postings to non-existent lists on our mailman server.  I've been reading of course about the subscribe spamming that folks have been talking about.
>Is this just someone poking at our mailman machine trying to find something to send spam to, or something more sinister?  We use Microsoft filtering for spam, viruses, etc. so all mail I see comes from one of their servers.
>It's not causing any problems, but just strange to me.

I haven't seen spammers subscribe to the lists properly (i.e, respond to the Mailman response), but I've had a lot of messages going to invalid users at the list domains and also to the subscribe/unsubscribe/request address, which was creating a lot of backscatter.

>From my point of view I want to try and avoid accepting and processing spam mail and mail to invalid lists/recipients to try and avoid backscatter.  I installed a local copy of SpamAssassin which seems to be working really well and rejects spam over a score of around 7.  This seems to let list traffic through whilst blocking the spam messages.  I also removed frontline MX servers from the lists domain so they get handled by the Exim server doing the processing, so that any 5XX response that the server sends out causes the spam server to give up, rather than a frontline MX server having to generate the NDR and send it out to the probably innocent party.  To this end we used to use MS Office 365 spam scanning on the list domains, but don't use it anymore for this reason.

Hope this helps,
Andrew.

More information about the Mailman-Users mailing list