|FROM ||Paul Robert Marino
|SUBJECT ||Re: [NYLXS - HANGOUT] this should not get through
|the most efficient way to do it is in postfix prior to the delivery to
the mailing list server.
there are many anti-spoofing plugins you can use to attempt to detect
and block it.
On 2/26/2010 7:40 PM, Ron Guerin wrote:
> Ruben Safir wrote:
>> I'm sorry, I missunderstood you. Your saying that the mbox client, for
>> lack of a better term, creates the From line in the mbox format from the
>> envelope, and that it isn't strictly a header?
>> I think your right about that. I seem to remember reading that.
>> That is a problem though. I can spoof any From: header with mutt in a
>> second and so can any spammer. How the heck can you protect the mailing
> You can spoof the entire contents of an email including the envelope.
> Nothing new there. I don't know much about Majordomo, but unless it has
> native anti-abuse features or a plugin architecture to add them
> yourself, this is all beside the point. By the time the message gets to
> Majordomo, the question of whether or not to accept it has already been
> made. You need to insert something in front of it, just like I'm
> finding myself doing with GNU Mailman.
> GNU Mailman happens to have a very nice integrated feature for dealing
> with list spam. But it doesn't apply that to mail that's just "passing
> through" to the administrative addresses. So in order to spare myself
> and everyone else who looks after the list from all the spam that tries
> to get sent to those addresses, I have to intercept the mail before it
> hits Mailman. That's what you're going to have to do as well in the
> absense of any internal anti-abuse functionality in Majordomo.
> But for the sake of completeness, I'm now going to reverse gears and
> assume that Majordomo does have internal anti-abuse features. If it
> does, and all it bases its decisions on is who the mail appears to be
> from, it's never going to be very useful because that's really the least
> useful thing for determining what's spam and what's not. Trust no one,
> analyze everything. Spam is still spam even when your mother sends it
> to you.
> - Ron