[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: SPAM on the Lout Mailing List (Re: Unidentified subject!)

From: Valeriy E. Ushakov
Subject: Re: SPAM on the Lout Mailing List (Re: Unidentified subject!)
Date: Sat, 22 Nov 1997 16:53:13 +0300

On Fri, Nov 21, 1997 at 12:09:16PM -0500, Greg A. Woods wrote:

> [ On Fri, November 21, 1997 at 11:58:49 (+0300), Valeriy E. Ushakov wrote: ]
> > Subject: SPAM on the Lout Mailing List (Re: Unidentified subject!)
> >
> > My most sincere apologies for this spam that came to you via Lout
> > mailing list.  Several monthes ago I configured SmartList to reject
> > postings from addresses not subscribed to the list.  I will try to
> > figure out how this bustard sneaked in, and fix the problem.
> One thing you might also do is configure it to leave all the original
> Received header's in, and to ensure that your own mailer is writing a
> received header that clearly indicates the source IP address of the
> incoming mail (complete with a in-addr.arpa PRT look-up if possible).
> That will help those of us on the receiving end be sure that it did not
> originate at your own site and if we feel like complaining to the source
> we don't have to bug you to go through your mailer records to find the
> connecting host.
> Good luck hunting him down!  Thanks for your quick response!

Ok, as Greg suggested I have configured SmartList to rename Received:
headers from original message to X-Original-Received: (this message
must already come to you with original track kept).  My sendmail
already writes ip address of the connecting host in the Received:
header.  expn is disabled and lout-dist alias is deleted.  (SmartList
suggests to create a *-dist alias that is just an :include:/list/dir/dist,
this alias can be used to send mail to all list subscribers directly,
bypassing list engine checks, so I have purged it).

I have also figured out how the SPAM penetrated the list despite the
fact that foreign submissions were disabled.  The problem was caused
by the presence of the owner-lout alias.  Sendmail treats owner-*
address in a special way, in particular envelope sender of the
submission to the list was always set to owner-lout that was
eventually rewritten to my own address that *is* subscribed to the
list.  Sendmail is so elephantine...

I have deleted the owner-lout alias in favor of (sendmail-neutral)
lout-owner alias.

I hope this measures will prevent spammers from using lout mailing
list to flood you, my dear subscribers, with their bull^H^H^H^Hbogus

Lout mailing list maintainer, Uwe.
address@hidden                         |       Zu Grunde kommen
http://www.ptc.spbu.ru/~uwe/            |       Ist zu Grunde gehen

reply via email to

[Prev in Thread] Current Thread [Next in Thread]