Great Circle Associates Majordomo-Users
(July 2003)
 

Indexed By Date: [Previous] [Next] Indexed By Thread: [Previous] [Next]

Subject: Re: Avoiding mailloops
From: Kirk Bailey <idiot1 @ netzero . net>
Organization: Silas Dent Memorial Cabal of ERIS Esoteric and hot dog boilingsociety
Date: Thu, 10 Jul 2003 18:43:55 -0400
To: Daniel Liston <dliston @ sonny . org>,majordomo-users @ greatcircle . com
References: <149580000.1057854482@blackbird.rrz.Uni-Koeln.DE> <3F0DE118.6070109@sonny.org>
User-agent: Mozilla/5.0 (Windows; U; Win98; en-US; rv:1.0.1) Gecko/20020823 Netscape/7.0

I had a relevant issue with a subscriber to one of my lists. I sent a message to the 
account, and it generated an 'out of office until' message-classic vacation program. 
This address is subscribed to one of my lists, and I grew concerned.

When I wrote the Email post time module for TinyList, I knew of such things asd 
autoreply program wars, and included several headers to help break them- and testing FOR 
them. Well, now I was concerned. So late that  night, I intentionally created a (now 
deceased) testlist, and crosscoupled it with another (still existing) testing list- and 
posted a message, insuring first that they were subscribed to one another. I did this 
while logged in with a ssh program to the server so I could kill anything that 
desperately needed an early grave.

Although my initial message was processed on the first list fine, it did not appear on 
the second list- nor anything else. I then posted one to the second list, and nothing 
else came out on it  or the first list. Although withought a doubt they were addressing 
one another, and subcrribed to one another, NOTHING HAPPENED. Both lists worked, both 
were subscribed one to the other, and neither would accept posts from the other. The 
header testing and rejecting was breaking an intentionally built list loop reliably.

Now I would NOT reccomend such a drastic test to anyone else, as it has such a wonderful 
chance at crashing a server in jig time. But I thought the report  of such a risky 
experiment would be of intrest to this thread.

Does the new majordomo do such header filtering and rejecting?

Daniel Liston wrote:
> It is local policy here, that anyone creating this kind of loop
> be removed and blacklisted from subscribing to any of our lists
> for a period of one year.  Idle threat, considering how easy it
> is to get and use a different address, but our point gets made.
> 
> Considering the query may not have even been from a subscriber,
> this could be considered a weak DOS attack on your system.  You
> might consider leaving the user or their domain listed in your
> access.db file.
> 
> Take a look at your majordomo.cf file.  Down at the bottom is a
> majordomo_dont_reply variable that does what it's name says.  You
> might also want to consider a global_taboo_headers expression to
> bounce null senders to the majordomo-owner without being responded
> to.  Using your own example, the expression would look like this;
> 
> /^Return-Path: <>/i
> 
> I would really like to study a sample of the 3000 messages before
> I could offer anything better.  Are they all identical, with the
> exception of date/time stamps?
> 
> Dan Liston
> 
> susan barnes wrote:
> 
>> Greetings,
>>
>> Last night one of our majordomos got caught in a kind of mailloop, 
>> when someone tried to query majordomo using a sending address serviced 
>> by an autoresponder.
>>
>> Each Email hitting said account would trigger one of these 
>> We-will-answer-your-email-later messages, which caused majordomo to 
>> send its helpfile once again, which would trigger....
>>
>> 3000 Mails and 30 MB later I stopped the loop using the Mailservers 
>> AccessDB.
>>
>>
>> We use Majordomo 1.94.5  and sendmail 8.12.9/8.12.8
>>
>>
>> I am wondering if there is anything to avoid this situation?
>>
>> Things I thought about:
>>
>> Giving majordomos outgoing administrative mails a reply-to header 
>> pointing to majordomo-owner(I do not like that, for quite a few 
>> mailinglists are open+confirmed and half of the confirmation mails 
>> will then go to majordomo-owner)
>>
>> Incorporate another sanity-check, so mails with
>> Return-Path: <>
>> in their headers, do not get processed.
>>
>> It would be nice if majordomo could act similar to a (wellbehaved) 
>> vacation, sending out a Maximum of X messages to a single recipient 
>> and resetting the counter every hour or so.
>>
>> (All this should only affect the majordomo results mails, not the list 
>> traffic)
>>
>>
>> Ideas anyone?
>>
>> Thank you for your input.
>>
>>
>> Susan Barnes
>>
>>
>> Susan Barnes <S.Barnes@rrz.uni-koeln.de>
>> Zentrum fuer Angewandte Informatik - Universitaetsweiter Service RRZK
>> Universitaet zu Koeln / Cologne University        - Tel:0221-478-5594 
> 
> 
> 
> 


-- 

end

Cheers!
         Kirk D Bailey
                               think
http://www.howlermonkey.net/ +-----+ http://www.tinylist.org/
http://www.listville.net/    | BOX | http://www.sacredelectron.org/
                              +-----+
"Thou art free"-ERIS          think    'Got a light?'-Promethieus

Fnord.



References:
Indexed By Date Previous: Re: Exim/Majordomo
From: Daniel Liston <dliston@sonny.org>
Next: Re: Avoiding mailloops
From: Kirk Bailey <idiot1@netzero.net>
Indexed By Thread Previous: Re: Avoiding mailloops
From: Daniel Liston <dliston@sonny.org>
Next: Re: Avoiding mailloops
From: susan barnes <s.barnes@uni-koeln.de>

Google
 
Search Internet Search www.greatcircle.com