From: Thomas Goirand <thomas@goirand.fr>
To: mlmmj@mlmmj.org
Subject: Re: Changing mailing list subscription process
Date: Fri, 30 May 2008 18:29:42 +0000 [thread overview]
Message-ID: <48404796.8090706@goirand.fr> (raw)
In-Reply-To: <20080529230903.GJ16364@curie-int.orbis-terrarum.net>
Robin H. Johnson wrote:
> Presently, we have been suffering some spam attacks against some of the
> Gentoo mailing lists, because of spammers using auto-responders.
>
> Here's how they are conducting the attack:
>
> 1. Spammer forges a mail from $LIST+subscibe@gentoo.org, sending it to
> an auto-responder.
> 2. Lists sends a confirmation mail to the auto-responder.
> 3. Auto-responder sends mail, with intact confirmation data back to the
> confirmation address (in Reply-To).
IMHO, your auto-responder is broken. Any good auto-responder should
detect a mailing list and should ignore every message from it. With
courier-maildrop, it's done like this:
if ( ! /^Precedence: (bulk|list|junk)/ && \
! /^List-Id:/ && \
! /^List-Unsubscribe:/ && \
! /^Return-Path:.*<#@\[\]>/ && \
! /^Return-Path:.*<>/ && \
! /^From:.*MAILER-DAEMON/ && \
! /^X-ClamAV-Notice-Flag: *YES/ && \
! /^Content-Type:.*message\/delivery-status/ && \
! /^Subject:.*Delivery Status Notification/ && \
! /^Subject:.*Undelivered Mail Returned to Sender/ && \
! /^Subject:.*Delivery failure/ && \
! /^Subject:.*Message delay/ && \
! /^Subject:.*Mail Delivery Subsystem/ && \
! /^Subject:.*Mail System Error.*Returned Mail/ && \
! /^X-Spam-Flag: YES/ )
{
[... autoresponder code ...]
> I tried adding a specific Reply-To address in the header of the list
> text/ file, but it's made to part of the mail body instead of the
> header.
You should have tuned "customheaders", is it what you did? Because this
always worked for me, when dealing with the Reply-To: header...
Thomas
next prev parent reply other threads:[~2008-05-30 18:29 UTC|newest]
Thread overview: 13+ messages / expand[flat|nested] mbox.gz Atom feed top
2008-05-29 23:09 Changing mailing list subscription process Robin H. Johnson
2008-05-30 12:23 ` Chris Webb
2008-05-30 14:51 ` Benny Pedersen
2008-05-30 15:08 ` Christian Laursen
2008-05-30 16:02 ` Robin H. Johnson
2008-05-30 16:04 ` Robin H. Johnson
2008-05-30 18:29 ` Thomas Goirand [this message]
2008-05-30 19:47 ` Robin H. Johnson
2008-06-02 21:33 ` Chris Webb
2008-06-02 21:55 ` Mads Martin Joergensen
2008-06-04 5:08 ` Robin H. Johnson
2008-06-04 6:58 ` Morten K. Poulsen
2008-06-04 21:48 ` Robin H. Johnson
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=48404796.8090706@goirand.fr \
--to=thomas@goirand.fr \
--cc=mlmmj@mlmmj.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.