>>>>> "Brad" == Brad Knowles
>>>>> "Re: [Mailman-Users] spam, spamcop and mailman moderation"
>>>>>  Fri, 10 Nov 2006 20:51:55 -0600

    Brad> At 11:45 AM -0500 11/10/06, Charles Gregory wrote:
    >> The only suggestion I can come up with is some simple
    >> last-minute filtering within mailman itself: Only send a
    >> 'holding' notice if the visible 'From' header matches the
    >> Envelope Sender, and if the visibile 'To' address contains the
    >> mailman list address. The advantage to handling this within
    >> mailman, and not in spamassassin, is that you aren't choosing
    >> to discard the mail based on this criteria. You're just
    >> deciding whether to send a courtesy e-mail warning of
    >> moderation.

    Brad> This is an excellent idea, and I'd like to see this get
    Brad> included as another option.

    Brad> Can you file this an RFE for this on the appropriate page on
    Brad> SourceForge, or in the wiki?  Would you have the ability to
    Brad> share with us the code that you developed to implement this
    Brad> function?  If so, could you upload that as a patch to the
    Brad> appropriate page on SourceForge, or post it on the wiki?

Perhaps amend Charles' suggestion to also provide a response when a
specified regular expression is found in the message header.  For
example, some would find it appropriate to respond when something like
the following were found:

        Received-SPF: pass (mybox.example.org: ...

In this example, the challenge would be to have a regular expression
matching only trusted mx hosts under your control and determining that
the "Received-SPF:" field was written by a trusted MX host and not by
anybody else (considering the content and position of the
"Received-SPF:" field in the trace relative to the "Received:" fields
by known trusted hosts might be sufficient for many folks).  The
Received-SPF header field is specified in RFC4408 Section 7.

Please consider this amendment to Charles' suggestion without arguing
the merits of SPF here.  This is only one example of using a header
field to augment Charles' original suggestion.

        jam

Attachment: pgpOQloPSbNfV.pgp
Description: PGP signature

------------------------------------------------------
Mailman-Users mailing list
Mailman-Users@python.org
http://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://www.python.org/cgi-bin/faqw-mm.py
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe: 
http://mail.python.org/mailman/options/mailman-users/archive%40jab.org

Security Policy: 
http://www.python.org/cgi-bin/faqw-mm.py?req=show&file=faq01.027.htp

Reply via email to