Ezra Bick wrote:
> BUT - the virus has taken to sending itself to <list-outgoing>, which
> then resends to the whole list and effectively avoids all restrictions
> found in the list configuration file.
> This seems to be a rather large whole, which could be used by spammers as
> well as viruses. By simply adding -outgoing to the name of a list, anyone
> can send anything to any list.
> What can be done?
I like one of Daniel Liston's ideas best and have been implementing it
for some time; that's using virtusertable. Virtusertable is enabled by
default in many linux installations (if you're using linux) and has
already been enabled in many multi-domain systems.
Dan's explanation for setting up virtusertable, if it's not already set
up, while short and to the point, is reasonably complete.
What he leaves out is the line to be added to virtusertable; here it is:
firstname.lastname@example.org: error:nouser No such user here
where "listname" is replaced by the name of the list, and that's a tab
(not spaces) between the first and second fields.
After implementing virtusertable in sendmail, and adding the line, be
sure to do:
# makemap hash virtusertable < virtusertable
# kill -HUP `head -n 1 /var/run/sendmail.pid`
The first line will create a hashed version of virtusertable, and the
second line will restart sendmail to read it. (Those are back-quotes
[to the left of the one key on most keyboards] in the second line.)
Jeff Lasman <email@example.com>
Linux and Cobalt/Sun/RaQ Consulting
P. O. Box 52672, Riverside, CA 92517
voice: (909) 778-9980 * fax: (702) 548-9484