Thank you, I'll pass that observation along.
-------- Original Message --------
Subject: Re: Majordomo parasite
Date: Fri, 8 Mar 2002 14:20:10 -0500 (EST)
From: Chip Old <firstname.lastname@example.org>
To: MAJORDOMO-USERS <email@example.com>
I've never used Postfix, but maybe this will help. In Sendmail the
Virtusertable is a mechanism originally intended for mapping "Virtual
Addresses" (addresses in hosted domains) to real addresses. The
difference between it and the traditional UNIX /etc/aliases file is that
you can also map addresses to specific error messages. In the case of the
Majordomo -outgoing addreses, we map them to a "User unknown" error.
Postfix probably has a similar capability, although not necessarily done
the same way.
On Thu, 7 Mar 2002, Jay O'Brien wrote to MAJORDOMO-USERS:
> I forwarded your message below to the owner of my server, and he
> responded "can you ask if anybody has a workaround for this problem
> that is using Postfix?
> I'm asking!
> Jay O'Brien
> -------- Original Message --------
> Subject: Re: Majordomo parasite
> Date: Thu, 7 Mar 2002 23:01:18 -0500 (EST)
> From: Chip Old <firstname.lastname@example.org>
> To: MAJORDOMO-USERS <email@example.com>
> On Thu, 7 Mar 2002, Roger B.A. Klorese wrote to Tom Lettington:
> > If they sent it to list-outgoing instead of list, no subscription tests
> > are performed.
> > That's why the best practices suggest you not use -outgoing but some
> > other local obscure suffix, and that you take steps to insure that that
> > address is not reachable from the outside or shown in headers.
> No matter what suffix you use, if your MTA is Sendmail with the
> virtusertable feature enabled add a line like this for each list:
> firstname.lastname@example.org error:nouser User unknown
> This stops anyone from writing directly to the -outgoing alias, but
> doesn't stop the alias from working internally.
> The thing about the original message (and probably the reason nobody
> responded) is that he seemed to imply that spam was being appended to
> valid list messages, he said there was "funny stuff" in the mail server
> logs", and he thought someone had "hijacked the list server". All very
> vague and very doubtful, but he didn't provide headers, log entries, or
> anything else we could examine. My first though was that a spammer was
> sending directly to an exposed -outgoing alias, but thought "Nah, everyone
> knows how to hide that". Maybe not.
> Chip Old (Francis E. Old) E-Mail: email@example.com
> Manager, BCPL Network Services Phone: 410-887-6180
> Manager, BCPL.NET Internet Services FAX: 410-887-2091
> 320 York Road
> Towson, MD 21204 USA
Chip Old (Francis E. Old) E-Mail: firstname.lastname@example.org
Manager, BCPL Network Services Phone: 410-887-6180
Manager, BCPL.NET Internet Services FAX: 410-887-2091
Baltimore County Public Library
320 York Road
Towson, MD 21204 USA