[colug-432] Emailing COLUG list
R P Herrold
herrold at owlriver.com
Thu Oct 8 15:58:28 EDT 2009
On Thu, 8 Oct 2009, Rob Stampfli wrote:
> I realize this is going to be unpopular because it involves work,
> but it could be automated and I'm willing to provide the script
> if you are willing: Why not extract the membership lists from
> your mailing lists and formulate a grey-milter exception for
> these addresses?
Straightfoward, and actually I do part of this monthly anyway
(dump all MM ML subscriber lists) so I can determine when a
desub happened with diff
The operative script is now at:
http://www.colug.net/manifest-mailman.sh.txt
that generates the raw material.
The target milter-greylist is >= milter-greylist-4.2.2-2orc
build on the project at:
http://hcpnet.free.fr/milter-greylist/
with an ACL pass list in its config file like this:
racl list list "mailman-users" delay 0m autowhite 1d
The stanza it will reference will be:
# mailman start
# List of users to exempt from greylisting
list "mailman-users" rcpt { \
user1 at example.com \
user2 at example.com \
user3 at example.com \
}
# mailman end
I'll be adding it to an hourly cron, at first most likely.
We'll see if the load goes too high with lots of entries
Go for it -- if under a suitable FOSS license, I'll certainly
look at any suggestions
Obviously the markers are what I will auto-manage the
/etc/mail/greylist.conf file from -- I dont _think_ it has
'include capability ... yet
Yes, I know that the purist will blanch at the
> suggestion because email addresses can be forged, but the reality
> is that they hardly ever are forged for the purpose of sending
> spam to lists. (Yet!)
>
> Another alternative would be to simply whitelist the domain
> "gmail.com". I suppose it is conceivable that someone could
> put establish an rDNS record to impersonate gmail, but I'm also
> fairly confident Google would make quick work of them if they
> did.
not sure that I want that rDNS load for every piece of mail a
second time, and more importantly, I think that a domain based
'lookup' on the last hop sender in the whitelisting does NOT
do that presently. I think it rather does textual comparisons
on the From address's asserted domain. I may be wrong.
> Sometimes it's easier to plow around the stumps.
perhaps -- running code will talk, of course.
- Russ herrold
More information about the colug-432
mailing list