Great Circle Associates Majordomo-Users
(August 2007)
 

Indexed By Date: [Previous] [Next] Indexed By Thread: [Previous] [Next]

Subject: Re: outgoing address compromised
From: "Peter A. Chapman" <peter @ bankrupt . com>
Date: Wed, 01 Aug 2007 15:08:26 -0400
To: <majordomo-users @ greatcircle . com>
In-reply-to: <007f01c7d462$918f4e40$b4adeac0$ @ ca>
References: <007f01c7d462$918f4e40$b4adeac0$ @ ca>

I'm confused.  If test-outgoing is aliased to /dev/null rather than include:/usr/local/majordomo/lists/test won't all e-mail messages sent to the test majordomo mailing list be sent to the big trash can in the sky?  How does a legitimate e-mail message get distributed to the mailing list rather than forwarded to junkmaster?  I've never used postfix.  Is postfix able to flag messages sent to test-outgoing that don't originate from test?  

-------

At 01:37 PM 8/1/2007, Chris Knowles wrote:
>I recently discovered that some viruses had harvested the list-outgoing
>address from some of my mailing lists.
>
>After searching the majordomo-users archive I found others who had
>encountered similar problems.
>
>I'm running majordomo-1.94.5 with postfix so the sendmail solutions didn't
>work for me.
>Though the concept does translate.
>
>The messages are typically using forged headers with return-mail addresses
>of innocent
>3rd parties. Instead of trying to direct the message via an "error: nouser
>User unknown" bounce to
>the innocent 3rd party, I elected to create a canonical recipient map table
>containing
>all of the <list>-outgoing aliases on my server (over 30) and redirect them
>to "junkmaster".
>This user is then aliased to /dev/null. This way the viruses/spam sent
>directly to the list are quietly dropped.
>
>In my main.cf file I added the line:
>
>        recipient_canonical_maps = hash:/etc/postfix/recipient_canonical_map
>
>and recipient_canonical_map contains lines similar to the following:
>
>        # canonical names to redirect messages sent directly to
>"list-outgoing"
>        #
>        test-outgoing   junkmaster
>        staff-outgoing  junkmaster
>        parttime-outgoing       junkmaster
>
>This list is then compiled using the postmap command
>
>/etc/aliases entry is:
>
>        #
>        # Junk messages that are sent to <list>-outgoing
>        junkmaster:             /dev/null
>
>I hope this is useful to others who encounter this problem.
>
>Chris Knowles
>Redeemer University College
>Ancaster, Ontario Canada




Follow-Ups:
References:
Indexed By Date Previous: Re: outgoing address compromised
From: "Chris Knowles" <cknowles @ redeemer . ca>
Next: Re: outgoing address compromised
From: "Julian H. Stacey" <jhs @ berklix . org>
Indexed By Thread Previous: Re: outgoing address compromised
From: "Chris Knowles" <cknowles @ redeemer . ca>
Next: Re: outgoing address compromised
From: "Chris Knowles" <cknowles @ redeemer . ca>

Google
 
Search Internet Search www.greatcircle.com