Author: W B Hacker Date: To: exim users Subject: Re: [exim] Exim & Mailman
Odhiambo Washington wrote: > On Nov 14, 2007 11:09 PM, Dave Evans <exim-users-20070913@???> wrote:
>> On Wed, Nov 14, 2007 at 05:51:57PM +0100, Magnus Holmgren wrote:
>>>> lol .. How on earth did this end up on the list? Did the spammer really
>>>> subscribe to the mailing list first? That's one hell of a step up from
>>>> the usual crap :P
>>> Judging from the Received: timestamps a moderator slipped.
>> Speaking of which, does anyone have any good tips to share on how to write
>> an ACL for incoming Mailman traffic, which (say) rejects post-DATA for
>> messages which are not from list members? (Obviously only for
>> listname@domain; not for -owner nor -request, for example).
>
> Mailman should do that if properly configured, no?
Definitely so. This list is a living example.
> There must be information from the Mailman FAQ (and even tips on the
> net) on how to properly configure Mailman lists to prevent abuse.
>
>
If you don't mind letting Exim have read-access to the lists, you can make
Exim+Ecartis reject *during* smtp session. Ergo can probably do the same just as
easily with Mailman.
That said, experiments aside, I don't bother - just silently blackhole Ecartis
post-smtp response to those and use an errors_to = /dev/null on the routers.
The admins still see the reports, so 'good enough' to catch honest errors, less
work, and lower risk of backscatter.
Not much point in respecting RFC sensitivity with a zombot.
