[Mimedefang] Anti-SPAM for mailman mailing lists question

Chris Myers chris at by-design.net
Tue Jun 22 09:58:36 EDT 2004


----- Original Message ----- 
From: "Kevin A. McGrail" <kmcgrail at pccc.com>
To: <mimedefang at lists.roaringpenguin.com>
Sent: Tuesday, June 22, 2004 8:23 AM
Subject: [Mimedefang] Anti-SPAM for mailman mailing lists question


> I use mailman on our mailing list server.  The mailing list server uses
> procmail to call SA and since Mailman uses the alias file, emails go to the
> list prior to being scanned for viruses.
>
> However, all of our mailman lists are on subdomains (i.e. mailman.pccc.com)
> so it should be fairly easy to augment the system.
>
> My main concern is losing the bounce capabilities of MD by using the
> stream_by_* functions.
>
> Therefore, my thought is to enable stream_by_recipient if one of the
> recipients matches @mailman\.  Has anyone ever done anything similar and is
> there an easy way to tie in the SPAM test with ALL mailing lists instead of
> one mailing list at a time?

Idea #1

Have you considered running a separate instance of sendmail+MIMEDefang on an
additional IP address?

Just configure sendmail to bind to a specific IP address, and MX the mailman
subdomains to that address (by name, of course!).  That way you can run a
completely custom filter appropriate to mailman without worrying about
crossover (in fact, anything that looks like crossover is probably
illegitimate!).

Idea #2

Another approach that I'm less certain about (today isn't my "root thru the
sendmail source code day") would be to add an additional IP address to the
existing mail server, MX the lists to it and run your existing
sendmail+MIMEDefang configuration.  My logic is this: since the mailing
lists are on a different hostname+IP address no MTA would ever connect to
that address except to deliver to mailman recipients.  If I'm correct, you
would have the effect of stream_by_domain() taken care of before messages
ever got to MIMEDefang at all.  Again, if you see "crossover" where there
are mailman and non-mailman recipients then either my idea is busted or it's
a bad guy.  The nifty thing about this approach is that you don't have to
worry about running two instances of MIMEDefang on a single box (which
could get interesting!).

If my logic is sound, idea #2 is much, much easier to implement and is
likely to be more reliable.

Chris Myers
Networks By Design
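
The "crossover" check that both ideas rely on, as an added example that is not part of the original post or of MIMEDefang itself. The function name classify_recipients and the bounce policy shown in the comment are assumptions; the list domain is the one given in the quoted question, and the sample envelopes are constructed.

```perl
#!/usr/bin/perl
# Added example: flag messages whose envelope mixes Mailman-list and
# non-list recipients ("crossover" in the post above).
use strict;
use warnings;

# Assumption: every Mailman list lives under this subdomain.
my $LIST_DOMAIN_RE = qr/\@mailman\.pccc\.com$/i;

# Classify one message's envelope recipients.
# Returns 'list', 'other', 'crossover', or 'none' (hypothetical helper).
sub classify_recipients {
    my @rcpts = @_;
    my ($list, $other) = (0, 0);
    for my $r (@rcpts) {
        # MIMEDefang hands recipients over as <user@host>; strip the brackets.
        (my $addr = $r) =~ s/^\s*<|>\s*$//g;
        if ($addr =~ $LIST_DOMAIN_RE) { $list++ } else { $other++ }
    }
    return 'none'      unless $list + $other;
    return 'crossover' if $list && $other;
    return $list ? 'list' : 'other';
}

# Inside mimedefang-filter, filter_begin could call it on @Recipients
# (logging and bouncing here is one possible policy, an assumption):
#   if (classify_recipients(@Recipients) eq 'crossover') {
#       md_syslog('warning', "list/non-list crossover from $RelayAddr");
#       return action_bounce("Mixed list and non-list recipients");
#   }

# Constructed sample envelopes, not real traffic.
my %samples = (
    'list only'  => ['<announce@mailman.pccc.com>'],
    'user only'  => ['<kevin@pccc.com>'],
    'mixed'      => ['<announce@mailman.pccc.com>', '<kevin@pccc.com>'],
    'upper case' => ['<Announce@MAILMAN.PCCC.COM>'],
);

for my $name (sort keys %samples) {
    printf "%-10s => %s\n", $name, classify_recipients(@{ $samples{$name} });
}
```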



