Re: Virtusertable Entry Failure

[Ed Kasky <ed @ esson . net>]

Just to cover the basics, I am sure you rebuilt the db after editing 
the virtusertable file right?  ;-)

The suggestion to see what the log shows is a good one.  You could 
even set the debug level to 9, restart sendmail and try sending a 
message to the list and checking the maillog, and then reset the 
debug back to whatever it was beforehand...

Ed

At 11:20 AM Tuesday, 1/16/2007, Daniel Liston wrote -=>
> What does your sendmail maillog entry show for the transaction?  Is majordomo
> in your trusted users file?  Is moroni in your domain names file or even in
> a genericstable of sorts?  Have you experimented at all with possible other
> invocations of listname-outgoing @
top .
domain vs. @sub.top.domain?  Is/are the
> spammers sending to listname-outgoing @
FQDN or listname-outgoing @
your .
domain?
> Does your sendmail have the feature enabled to "always_add_domain"?  Any of
> these could introduce the what you are seeing.  What does the "hostname" or
> "domainname" command show you?
>
> Since you are already using methods to hide the -outgoing alias from showing
> up in message headers, a simple band-aid would be to rename all occurrences
> of listname-outgoing to listname-secretrandomtext.  Since this should never
> be visible outside your own mail system, you could even change randomtext as
> often as you like to stay ahead of spammers that may "discover" it's value.
>
> In the mean time, I will do some googling of sendmail virtusertable and see
> if I can offer any other suggestions.
>
> Dan Liston
>
> karlp @
ourldsfamily .
com wrote:
> > I received notice that one of my groups had been compromised by a spammer
> > sending email to listname-outgoing @
moroni .
ourldsfamily .
com
> >
> > I added a line to /etc/mail/virtusertable:
> >
> >   listname-outgoing @
moroni .
ourldsfamily .
com error:nouser Invalid User
> >
> > which works. Unfortunately, it blocks ALL email to the group. The alias is:
> >
> >   listname:   "|/opt/majordomo-1.94.5/wrapper resend -l listname
> > listname-outgoing,nobody"
> >   owner-listname:     wife @
ourldsfamily .
com,
> >   listname-owner:     wife @
ourldsfamily .
com,
> >   listname-outgoing:  "|/usr/local/bin/bulk_mailer -domain ourldsfamily.com
> > -maxdomains 14 -maxrcpts 4 listname-owner @
ourldsfamily .
com
> > /opt/majordomo-1.94.5/lists/listname", listname-archiver, 
> listname-digestify
> >   listname-approval:  listname-owner
> >   listname-archiver:   "|/opt/majordomo-1.94.5/wrapper archive2.pl -f
> > /opt/majordomo-1.94.5/archives/listname/listname -a -M"
> >   listname-digestify: "|/opt/majordomo-1.94.5/wrapper digest -r -C -l
> > listname-digest listname-digest-outgoing,"
> >   listname-digest:    listname
> >   listname-owner-digest:     listname-owner
> >   listname-digest-approval:  listname-owner
> >   listname-digest-outgoing: 
> :include:/opt/majordomo-1.94.5/lists/listname-digest
> >
> > There are some linewraps so I've added 2 spaces at the beginning 
> of each line
> > to make it more readable.
> >
> > My question: What Do I Do To Fix This and Stop The Spammers, too?
> >
> > TIA
> >

Ed Kasky
~~~~~~~~~
Randomly Generated Quote (417 of 526):
One time I went to a museum where all the work in the museum
had been done by children.  They had all the paintings up on
refrigerators.  --Steven Wright