Great Circle Associates Majordomo-Users
(October 2000)
 


Subject: Preventing List Abuse
From: Eric Rountree <rountree @ cs . queensu . ca>
Date: Wed, 4 Oct 2000 08:58:44 -0400 (EDT)
To: majordomo-users @ greatcircle . com
Reply-to: Eric Rountree <rountree @ cs . queensu . ca>

Hello to all.

I've just installed Majordomo 1.94.5 and am playing with a test list right now 
to see what the various configuration options can do. I have a question about 
list aliases, but first let me give you some background.

I'm hoping that Majordomo will provide a solution to a problem we encountered a 
couple of weekends ago. I run a Solaris 2.6 box (Enterprise 3500) that acts as 
the main UNIX server for our undergraduate labs. I maintain student accounts and 
mailing lists on this box. Currently the lists are just text files with aliases 
pointing to them (/etc/mail/aliases with NIS). The "problem" was a mail storm 
that occurred after a student inadvertently "replied to all" in response to an 
announcement about a programming contest. Several people took it upon themselves 
to chastise him for his mistake (replying to all, of course), and it took off 
from there. All students received over fifty junk messages, which became 
progressively more rude as the weekend went on. Two students decided that it 
would be fun to subscribe the list to a porn newsletter. Sigh.

I know that I can set up a list so that only certain addresses can post to it. 
That is exactly what I want. Unfortunately, there seems to be a hole in this 
security. The documentation instructs me to set up the following aliases if I 
want to use the resend processing:

       test:    "|/usr/test/majordomo-1.94.3/wrapper resend -l test test-list"
       test-list:  :include:/usr/test/majordomo-1.94.3/lists/test

It looks to me like the test-list alias is insecure. Anyone who knows enough to 
do a "ypcat -k aliases" (and all our students have UNIX shell access if they 
want it) can find out the name of this alias. If you send directly to test-list, 
you essentially bypass the resend processing and send your message directly to 
the list.

Is there a way around this?

Okay, I'm almost done. Sorry this is so long. This leads me to my second 
question: Is there a way to hide the To: address in the message headers? I 
really don't want students on the list to know the name of the list. I probably 
sound really paranoid, but some of these people are incredibly immature, and I 
want to take whatever steps I can to hide these list addresses from them.

Thanks for putting up with this long message.

Eric


---------------------------------------------
Eric Rountree, Systems Specialist
Department of Computing & Information Science
Goodwin Hall, Room 551
Queen's University
Kingston, Ontario
Canada  K7L 3N6

(613)533-6784
rountree@cs.queensu.ca
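
The alias pairing described in the message above, as an added example (not part of the original post and not Majordomo code): a small audit that parses sendmail-style aliases text and reports each resend-fronted list whose outgoing `:include:` alias is itself a deliverable address. The sample input is constructed from the two aliases quoted in the post; the function names are hypothetical, and it assumes the outgoing alias is the last argument to resend, as in the quoted line.

```python
import shlex

# Constructed sample in sendmail aliases syntax, modelled on the two aliases quoted in the post.
SAMPLE_ALIASES = '''\
test:       "|/usr/test/majordomo-1.94.3/wrapper resend -l test test-list"
test-list:  :include:/usr/test/majordomo-1.94.3/lists/test
staff:      alice, bob
owner-test: alice
'''

def parse_aliases(text):
    """Return {alias: right-hand side}, skipping comments and joining continuation lines."""
    aliases, current = {}, None
    for raw in text.splitlines():
        if not raw.strip() or raw.lstrip().startswith("#"):
            continue
        if raw[0] in " \t" and current:  # indented line continues the previous alias
            aliases[current] += " " + raw.strip()
            continue
        name, sep, rhs = raw.partition(":")
        if sep:
            current = name.strip().lower()
            aliases[current] = rhs.strip()
    return aliases

def find_resend_bypasses(aliases):
    """Pair each resend-fronted alias with the directly addressable alias it delivers to."""
    findings = []
    for name, rhs in aliases.items():
        cmd = rhs.strip('"')
        if not cmd.startswith("|"):
            continue  # not a pipe-to-program alias
        argv = shlex.split(cmd[1:])
        if "resend" not in argv[1:]:
            continue  # piped to something other than resend
        # Assumption: the last resend argument names the outgoing alias.
        outgoing = argv[-1].lower()
        target = aliases.get(outgoing, "")
        if target.startswith(":include:"):
            findings.append((name, outgoing, target[len(":include:"):]))
    return findings

if __name__ == "__main__":
    for front, outgoing, path in find_resend_bypasses(parse_aliases(SAMPLE_ALIASES)):
        print(f"{front}: mail sent to '{outgoing}' skips resend and goes straight to {path}")
```
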



