Majordomo-Users: Re: Majordomo spam problem

Majordomo-Users
(May 2006)

Indexed By Thread: [Previous] [Next]

Subject:	Re: Majordomo spam problem
From:	"Tom McHugh" <Tom . McHugh @ SPECTRUM-SYSTEMS . COM>
Date:	Wed, 24 May 2006 12:46:38 -0400
To:	<majordomo-users @ greatcircle . com>
Thread-index:	AcZ/UaAHRhN8c9N6T224frdEqKFgdQ==
Thread-topic:	Re: Majordomo spam problem

I happen to be fighting the same problem as a result of someone sending
to the -outgoing form of a list, and saw Dan's suggestion about it:

> 3. Prevent use of the -outgoing alias from outside your own system by
blocking it at the virtusertable file.

I've been trying to use this, seeing it as the simplest approach to the
problem, or so I thought.  What I'm finding is that majordomo's resend
program appears to forward the message to listname-outgoing@localhost,
but that sendmail receives it and rewrites it to
"listname-outgoing@listserv.domain.name" before the virtusertable is
checked, resulting in the message being bounced.

The server is Red Hat Enterprise Linux v4, running sendmail
8.13.1-3.RHEL4.3 .  Anyone have any pointers?  I've been trying to hack
the sendmail rules without any success, trying to figure out where to
put a sequence of rules like this:

C{spectest1}spectrum-test1 spectrum-test1-announce
F{listserv}listserv.domain.name

# #spectest1 - testing majordomo rewrites for .incl abuse prevention
R$={spectest1} . outgoing < @ localhost > $*	$1 < . incl >	# catch
& save @localhost
R$={spectest1} . outgoing				$1 < . incl >
R$={spectest1} . outgoing < @ $={w} > $*		$1 < @
${listserv} > $3
R$={spectest1} < . incl > $*				$1 . outgoing <
@ ${listserv} > $2

Since the '.' is a special character in sendmail's rules, I've been
using it as the "outgoing" separator so I can get a proper handle on it.
So I try to "save" the outgoing form into the ".incl" form if it is in
the form "listname.outgoing@localhost" .  Then I check for mail sent to
"listname.outgoing@listserv.domain.name" , figuring that it is not
properly addressed, and rewrite it to "listname@listserv.domain.name" so
that Majordomo can run its regular checks on the list.  Then I recover
the "listname.outgoing@ ..." form from its ".incl" storage area.

So, is this a dumb approach, and am I missing a one-line fix somewhere?

Thanks!
-Tom

--
Tom McHugh, Senior Systems Engineer
mailto:Tom.McHugh@Spectrum-Systems.com

Spectrum Systems, Inc.
"Today's Technology--Solutions for Tomorrow"

11320 Random Hills Road, Suite 630
Fairfax, VA 22030-6001
703-591-7400 x218
703-591-9780 (Fax)
http://www.spectrum-systems.com/

With ease and speed!  Spectrum provides full-service solutions that
support the entire software development lifecycle - call us at
800-929-3781 or visit us at http://www.spectrum-systems.com to learn
more.

Indexed By Date	Previous:	Re: Majordomo spam problem From: "Roger B.A. Klorese" <rogerk@queernet.org>
Indexed By Date	Next:	How to get rid of 'BOUNCE <listname>: Non-member submission from' From: "Willem-Jan Vroom" <w.vroom@hccnet.nl>
Indexed By Thread	Previous:	Re: Majordomo spam problem From: Daniel Liston <dliston@sonny.org>
Indexed By Thread	Next:	How to get rid of 'BOUNCE <listname>: Non-member submission from' From: "Willem-Jan Vroom" <w.vroom@hccnet.nl>