2

I am using Mailman with Exim. When a nonmember posts to a mailing list, Mailman can be configured in any of the following ways, each of which has a problem:

  1. Accept it -- this distributes spam to all the list members.
  2. Discard it silently -- this is frustrating and confusing to people who send mail from a secondary address, not realizing it's not the one they're subscribed at.
  3. Hold it for moderation -- this creates a significant workload for the moderator to sift through the spam looking for the few non-spams. If the moderator slacks off, we are effectively back in case (2).
  4. Reject it with a bounce message -- this creates backscatter spam.

It seems to me that the best option would be to do the same thing that Exim does when someone tries to send mail to a nonexistent address: reject it at SMTP connection time with an error code. This way real users will be informed about the problem by their sending MTA, while spam with a forged sender will not create backscatter. Is it possible to configure Exim to query Mailman in this way and reject nonmember list postings at SMTP time?

Mike Shulman

1 Answer

1

This is certainly possible. Just to give you a hint: You may use $run and $runrc in the ACL at rcpt stage. See the section 5. after "${run..." under http://www.exim.org/exim-html-current/doc/html/spec_html/ch-string_expansions.html. You do have to write a script though, which invokes "list_members mailinglist" or you may find the "withlist" command inspiring...

Another approach would be: Have a file per list ready (generated by a script), which contains all members of a list. Then use a lookup in your ACL statement to search for the sender address in that file. The core of the script would be something like:

while read -r list; do
   list_members "$list" > "$EXIM_HOME/mm-lists/$list"
done <<< "$(list_lists -b)"

The corresponding ACL could be something like:

deny
   domains = +local_domains
   condition = ${if exists {MAILMAN_HOME/lists/$local_part/config.pck}{1}{0}}
   ! senders = ${lookup{$sender_address}lsearch{CONFDIR/mm-lists/$local_part}{$sender_address}}
   message = Only list members are allowed to post.

But there are problems with such a mechanism, like racing issues when rewriting the files containing the members, probably security issues, and so forth.

I did not try the code above and I don't know if this really works. It's just to give you an idea what to try.

Your motivation needs some correction: You do not avoid bounces to forged sender addresses when deciding at SMTP time whether to accept a message or not. You just don't take over the responsibility to deliver the bounce message, you leave that to the sending MTA. Sending bounces back to forged addresses is difficult and it may lead to frozen messages, which is not desirable, but it is probably motivation enough to try what you were asking.

Adrian Zaugg
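Added example (not part of the answer above, and not Mailman or Exim project code): one way to regenerate the per-list member files the answer describes without the rewrite race it mentions, by writing each file under a temporary name and renaming it into place. It assumes Mailman's `list_lists` and `list_members` are on PATH; the function name `sync_member_files`, the `.new.` temp prefix and the group-readable file mode are assumptions.

```shell
#!/bin/sh
# Rebuild one member file per Mailman list for an Exim lsearch lookup.
# A running ACL only ever sees the old complete file or the new complete
# file, never a half-written one.
# Usage (hypothetical, e.g. from cron): sync_member_files /etc/exim/mm-lists

sync_member_files() {
    outdir=$1
    failed=0
    mkdir -p "$outdir" || return 1

    # If the list of lists cannot be read, stop before touching any file.
    lists=$(list_lists -b) || return 1

    for list in $lists; do
        # Temp file in the same directory, so mv is an atomic rename.
        tmp=$(mktemp "$outdir/.new.XXXXXX") || return 1
        if list_members "$list" > "$tmp"; then
            # mktemp creates mode 600; assumption: the directory's group
            # is the one Exim runs as, so group-read is enough.
            chmod 640 "$tmp"
            mv -f "$tmp" "$outdir/$list"
        else
            # Keep the previous good file rather than publish a partial one.
            rm -f "$tmp"
            echo "list_members failed for $list; old file kept" >&2
            failed=1
        fi
    done

    # Drop files for lists that no longer exist (temp files are dotfiles
    # and are not matched by the glob).
    for f in "$outdir"/*; do
        [ -f "$f" ] || continue
        printf '%s\n' "$lists" | grep -qxF -e "${f##*/}" || rm -f "$f"
    done

    return "$failed"
}
```

The function returns non-zero if any list could not be exported, so a cron wrapper can alert on it while the ACL keeps using the last good files.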