1. Make sure your sendmail installation is utilizing all available anti-spam, anti-virus, anti-spoof measures.
(Greylist milter, RBL, SPF, clamAV, etc.)
2. Hide the name of your -outgoing alias from the outside world by adding ,nobody to the alias.
3. Prevent use of the -outgoing alias from outside your own system by blocking it at the virtusertable file.
4. Only allow zubscribed members to post to your lists.
5. Do NOT bounce messages once you have accepted them. If majordomo tries to bounce (and send the help file) to forged addresses, these messages can technically be considered spam.
6. Add SPF to your DNS to aid forgery prevention for your domain's real mail.
Long day travelling, 14 hours of D&P Tue, and all day travelling again Wed. If I think of more later in the week I will post it.
Dan Liston
----- Original Message -----
From: Michael Wilkinson <mike@towerravens.com>
Date: Monday, May 22, 2006 8:37 pm
Subject: Majordomo spam problem
> I've been a LONG time user/admin of majordomo, and I've recently
> experienced something I'm not sure what to do about or how to
> combat.
>
> I'm using majordomo 1.94.5, and sendmail 8.13.4, somehow evil spammers
> used my majordomo mail alias to relay spam through my sendmail server.
> It was a mess, I had to clean out my domain/ip from some blackhole
> lists.
>
> I picked up on it because I got quite a few majordomo abort messages.
> I've been trying to dissect how they used it exactly, unfortunately,
> I don't have my sendmail logs for that time period anymore.
>
> I was able to stop it by commenting my majordomo mail alias out of
> my aliases file. I was wondering if any here has seen anything like
> this, and if so, how I may prevent the problem in the future.
>
> Thanks!
> -Mike
>
> --
> Michael Wilkinson
> Game Designer There are 10 kinds of people in this world,
> Tower Ravens LLC those who understand binary and those
> who don't.
>
|
|
