Differences between revisions 2 and 3
Revision 2 as of 2008-03-07 18:23:05
Size: 1280
Editor: msapiro
Comment: Replaced note about sitelist.cfg which isn't relevant.
Revision 3 as of 2008-03-11 08:54:53
Size: 1964
Editor: sparesimian
Comment: Integrate details from Mark on how to apply generic_nonmember_action
Deletions are marked like this. Additions are marked like this.
Line 1: Line 1:
#pragma page-filename SEC/versions/3276857 #pragma page-filename SEC/versions/3276858
Line 8: Line 8:
 1. Discard or hold messages from non-subscribers by default.   1. Discard or hold messages from non-subscribers by default.
Line 14: Line 14:
.h4 Discard or hold messages from non-subscribers by default
Line 18: Line 20:
in mm_cfg.py, and of course, you can change generic_nonmember_action for any specific list after it is created. in mm_cfg.py, and of course, you can change ''generic_nonmember_action'' for any specific list after it is created.
Line 20: Line 22:
Also, if generic_nonmember_action for a list is hold, you can consider setting the list's respond_to_post_requests to No. There is no configuration setting to make this No by default for new lists. Note however that the number of such autoresponses to a single address is limited to MAX_AUTORESPONSES_PER_DAY which defaults to 10, but can be set as low as 1 in mm_cfg.py. Also, if ''generic_nonmember_action'' for a list is hold, you can consider setting the list's ''respond_to_post_requests'' to No. There is no configuration setting to make this No by default for new lists. Note however that the number of such autoresponses to a single address is limited to MAX_AUTORESPONSES_PER_DAY which defaults to 10, but can be set as low as 1 in mm_cfg.py.

For an existing list, ''generic_nonmember_action'' may be changed through the web administrative interface or using the config_list utility. This setting may be found in the web interface for a list under [[http://terri.zone12.com/doc/mailman/mailman-admin/node21.html|Privacy Options]], [[http://terri.zone12.com/doc/mailman/mailman-admin/node23.html|Sender Filters]]. To set this value from the command line for every list:

{{{
#!/bin/bash
cd /path/to/mailman/bin
f=`mktemp`
echo generic_nonmember_action = 3 > $f
for list in `./list_lists --bare`
do ./config-list -i $f $list
done
rm $f
}}}

Backscatter

PROBLEM: Mailman comes out of the box ready to backscatter spam people.

RESOLUTION:

  1. Don't create backscatter aliases for subscribe/unsubscribe/etc by default. Nearly everyone uses web based signup.
  2. Discard or hold messages from non-subscribers by default.

DETAILS:

Removing aliases depends on the installation method.

.h4 Discard or hold messages from non-subscribers by default

The normal default setting for new lists is to hold messages from non-members. If appropriate, you can change this default to discard by putting

DEFAULT_GENERIC_NONMEMBER_ACTION = 3

in mm_cfg.py, and of course, you can change generic_nonmember_action for any specific list after it is created.

Also, if generic_nonmember_action for a list is hold, you can consider setting the list's respond_to_post_requests to No. There is no configuration setting to make this No by default for new lists. Note however that the number of such autoresponses to a single address is limited to MAX_AUTORESPONSES_PER_DAY which defaults to 10, but can be set as low as 1 in mm_cfg.py.

For an existing list, generic_nonmember_action may be changed through the web administrative interface or using the config_list utility. This setting may be found in the web interface for a list under Privacy Options, Sender Filters. To set this value from the command line for every list:

cd /path/to/mailman/bin
f=`mktemp`
echo generic_nonmember_action = 3 > $f
for list in `./list_lists --bare`
do ./config-list -i $f $list
done
rm $f

MailmanWiki: SEC/Controlling spam (last edited 2016-10-07 03:18:21 by msapiro)