[Mailman-Users] Filtering Chinese spam.
Stephen J. Turnbull
turnbull.stephen.fw at u.tsukuba.ac.jp
Sun Apr 22 11:54:50 EDT 2018
Kenneth G. Gordon writes:
> One of my mailman mailing lists has been suddenly afflicted with
> tons of Chinese spam.
If you have access to the firewall in your mail system, or are
friendly with its admin, the most efficient way to handle this is in
the firewall by dropping all traffic from China, as described in a
thread about "Brute force attacks" starting about a week ago on this
list. That is fairly risky these days; you never know when one of
your members is going to visit China and send mail from a friend's
address. As Robert Heller suggests, the next most efficient thing is
to drop all traffic from China in the MTA (mail server software) using
similar techniques.
More to my taste than either would be to install a programmable spam-
checker like SpamAssassin or SpamBayes, and bump the cost of rules
that catch Chinese spam if necessary. This is far more effective and
efficient than doing it in Mailman, and if your system has mailboxes
other than those for Mailman, they will also be protected.
> I have modified my settings in Privacy Options/Spam Filters thusly:
>
> ^Subject: =?utf-8?B?
> ^Subject:.*\?{4,}
As Mark points out, the first is not going to work. You need to
"escape" the question marks as in the second expression:
^Subject: =\?utf-8\?B\?
Both of these filters are risky. The first is likely to catch any
email whose subject starts with an emoji, smart quotes, or any other
exotic characters such as math symbols or a complex smiley (such as
table flipping or the 7-character shrug). The second will catch any
mail with a subject containing 4 or more question marks in a row. Of
course these may be desirable if you're running a mailing list for
junior highschool students ;-), but such subjects are reasonably
common among educated adults as well in my experience. How large that
risk is, and whether or not to take it, is up to you and your
subscribers, of course.
Finally, a viable strategy would be to use these filters for now and
explore the more capable methods at your leisure.
Regards,
Steve
More information about the Mailman-Users
mailing list