Great Circle Associates Majordomo-Users
(November 2001)
 

Indexed By Date: [Previous] [Next] Indexed By Thread: [Previous] [Next]

Subject: Re: preventing unauthorized distribution via list-outgoing.
From: Jeff Lasman <jblists @ nobaloney . net>
Organization: nobaloney.net
Date: Mon, 26 Nov 2001 23:47:05 -0800
To: majordomo-users @ greatcircle . com
References: <Pine.LNX.3.91-heb-2.05.1011122133257.11042A-100000@etzion.org.il>

Ezra Bick wrote:

> BUT - the virus has taken to sending itself to <list-outgoing>, which
> then resends to the whole list and effectively avoids all restrictions
> found in the list configuration file.
> 
> This seems to be a rather large whole, which could be used by spammers as
> well as viruses. By simply adding -outgoing to the name of a list, anyone
> can send anything to any list.
> 
> What can be done?

I like one of Daniel Liston's ideas best and have been implementing it
for some time; that's using virtusertable.  Virtusertable is enabled by
default in many linux installations (if you're using linux) and has
already been enabled in many multi-domain systems.

Dan's explanation for setting up virtusertable, if it's not already set
up, while short and to the point, is reasonably complete.

What he leaves out is the line to be added to virtusertable; here it is:

listname-outgoing@domain.com:     error:nouser No such user here

where "listname" is replaced by the name of the list, and that's a tab
(not spaces) between the first and second fields.

After implementing virtusertable in sendmail, and adding the line, be
sure to do:

# makemap hash virtusertable < virtusertable
# kill -HUP `head -n 1 /var/run/sendmail.pid`

The first line will create a hashed version of virtusertable, and the
second line will restart sendmail to read it.  (Those are back-quotes
[to the left of the one key on most keyboards] in the second line.)

Jeff
-- 
Jeff Lasman <jblists@nobaloney.net>
Linux and Cobalt/Sun/RaQ Consulting
nobaloney.net
P. O. Box 52672, Riverside, CA  92517
voice: (909) 778-9980  *  fax: (702) 548-9484



Follow-Ups:
References:
Indexed By Date Previous: Re: Creating Digest Lists on Cobalt Raq3
From: Jeff Lasman <jblists@nobaloney.net>
Next: Re: Using the archive with "get" and "index"
From: "Lars H. Korte" <lk@ordix.de>
Indexed By Thread Previous: Re: preventing unauthorized distribution via list-outgoing.
From: Ezra Bick <ebick@etzion.org.il>
Next: Re: preventing unauthorized distribution via list-outgoing.
From: Chip Old <fold@bcpl.net>

Google
 
Search Internet Search www.greatcircle.com