cocoon-docs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Brian Behlendorf <br...@collab.net>
Subject Re: Mailing list moderation
Date Thu, 10 Apr 2003 04:24:05 GMT
On Wed, 9 Apr 2003, Justin Erenkrantz wrote:
 --On Wednesday, April 9, 2003 5:25 PM +0200 Steven Noels
> <stevenn@outerthought.org> wrote:
>
> > Infrastructure/mail people: what are the spam countermeasures currently in
> > use for incoming mail from non-subscribers sent to moderated lists? Is spam
> > passed on for human moderation as-is, or is there some filtering (like
> > SpamAssassin) prior to that?
>
> I believe the blackhole filter is applied to all mail (mainly email from China
> and known spam content).

There are a myriad of countermeasures.  Someone want to toss this into the
infrastructure or apmail repos?

1st line: IP address blocking.  Sad but true, there are some IP addresses
that are Just No Good, based on past experience.  Those with shell
accounts on icarus or daedalus can see what's blocked by looking at the
ipfw lines in /etc/rc.local.

2nd line: "badmailfrom" and "badheaders" - these two files in
/var/qmail/control list domains and header patterns that will cause
qmail-smtpd to reject a message immediately.  The advantage of this is
that it doesn't even touch the queue, so bounces to bogus addresses (which
are annoying to postmaster@) are avoided.  Generally only conservative
patterns are put in here, but false positives are possible.

3rd line: "spamwatch", a Perl script in /var/qmail/bin hand-maintained by
Brian that contains patterns seen in headers and message bodies that have
generally been very very good indicators of spam.  It's more aggressive
than the rules in /var/qmail/control/badheaders and badmailfrom, but
messages that are caught are saved to /var/log/blackholedspam for
occasional review for false positives.  Current false-positive rate is
about 1 in 1000.  "spamwatch" is in the defaultdelivery (a qmail term),
but if there are .qmail files those take precedence, so it needs to be
added to a .qmail file in order to filter messages handled by that .qmail
file.  One would add it by adding "|/var/qmail/bin/spamwatch" to the top
of any given .qmail file.  When ezmlm-make is run it *should* place
spamwatch into the .qmail files for the mailing lists, but we've been
inconsistant about that in the past.

It does appear that spamwatch is run on messages sent to the mailing list
address cocoon-docs@xml.apache.org.

Spamassassin is not run, but is installed on icarus for people to run for
themselves if they wish.  It's not a regularly updated and maintained tool
though, at least currently.

	Brian


Mime
View raw message