Re: [Mailman-Users] Challenge/Response
Thanks for everyone's thoughts and suggestions. I have recommended setting each list on emergency moderation. They have about a dozen lists for various tasks. So, I suggested each list be assigned a moderator/administrator (currently one person manages all lists). Since the fear is the person will be spoofing the From field, the moderators will have to review the contents of each message and make a judgment about its validity. If there is doubt the moderator can always do a manual challenge/response to the supposed sender to see if they really sent a particular message.

I agree that this is as much a social/emotional issue as a technical one. The organization needs to be very clear to everyone in how they handle the problem and then just weather the storm.

On 2/10/07 12:32 PM, Karl Zander [EMAIL PROTECTED] wrote:

> On Sat, 10 Feb 2007 12:18:26 -0800 Mark Sapiro [EMAIL PROTECTED] wrote:
>
>> Karl Zander wrote:
>>
>>> Fundamentally, it's not a technology problem.
>>
>> Agreed, but as others have suggested, technology can help.
>
> Yes. I didn't mean to imply it could not. We are using technology to help us manage the situation and it's being effective. But you have to be prepared to ride out the emotional part of this. And if you do clamp down the lists, the person may go after softer parts of the organization if they are inclined to make trouble. We have seen our interloper move on to a sister organization's lists.
>
> --Karl

-- 
Bob Morse
Morse Media
http://www.morsemedia.net
707-444-9566

------------------------------------------------------
Mailman-Users mailing list Mailman-Users@python.org
http://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://www.python.org/cgi-bin/faqw-mm.py
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe: http://mail.python.org/mailman/options/mailman-users/archive%40jab.org
Security Policy: http://www.python.org/cgi-bin/faqw-mm.py?req=show&file=faq01.027.htp
Re: [Mailman-Users] Challenge/Response
Bob Morse writes:

> The problem remains, however: How do I prevent spoofing? In this case they have a real fear due to a board member who is soon to be ejected from the board and have organizational membership taken away. They feel he is capable (both emotionally and technically) of major disturbances on one or more of about a dozen mailing lists the organization maintains.

Wouldn't moderating non-members and requiring admin approval for subscriptions be enough? Or is he capable of spoofing a member's From address?

If not, I've been there (the problem wasn't a board member, more like a stalker). However challenge/response wouldn't help anyway, because it's easy enough to set up an autoresponder for typical C/R systems. If not, and he's determined, he'll just do the C/R dance by hand.

What we ended up with was blacklisting the guy's known accounts, hosts, and IP addresses, which caught most of the shrapnel, and human moderation for about a month. He gave up after two weeks of zero success in several hundred attempts to subscribe or otherwise get past the filters. Had he come back they were prepared to cross-check IP addresses from the Received headers against From addresses for the regular posters. Don't know if he would have been capable of getting around that (spoofing both From and Received is easy enough if you know what you're doing), fortunately we didn't have to go to those extremes.

Here's hoping you don't have to, either.
Re: [Mailman-Users] Challenge/Response
> The problem remains, however: How do I prevent spoofing? In this case they have a real fear due to a board member who is soon to be ejected from the board and have organizational membership taken away. They feel he is capable (both emotionally and technically) of major disturbances on one or more of about a dozen mailing lists the organization maintains. What makes this even more of a 'challenge' is that the account is on a shared server.

I think that you're trying to deal with a sociological problem here. I'll presume that the organization is prepared to make a statement about this personnel action. In general, that's a Public Relations issue, not a technological one.

I'll also presume that the individual who is involved does not have administrative access (root, etc.) to the Mailman host site. The site administrator(s) need to be informed of the action that is about to take place, and told to secure the site appropriately, etc.

So far as handling any fall-out from this action on one or more mail lists, I'll suggest that you have list moderators (list administrator level, but the job is moderation) prepared to weather developments. It would be very wise to have somebody in a list administration role who is prepared to handle Public Relations handling of the fallout from this action.

Technically, start with embargoing the individual's known accounts (unsubscribe, or at least put on moderation, and use the Mailman filters to catch probable variations, prevent posting from non-registered addresses, and require moderator review of new subscriptions). Then, wait for developments.

Experience with this sort of thing suggests that the problem individual will try to post, and will ultimately succeed, but will have built up such a head of steam that the post will lose whatever support the individual might have had. Mailman has some very good resources a savvy moderator can use effectively for damage control.

The ultimate weapon, of course, is putting the entire list on emergency moderation.

I won't go into detail here, but the major list I set up a Mailman host site for survived a split between the two co-founders, in which one was fired, about three years ago. The individual who was removed did have several bogey addresses, and once he discovered that his main addresses were moderated, blew a fuse and posted a couple of real flames, some months afterward. Net effect: six resignations (out of 2500 members), and some offlist discussion about if this is the way the guy really is, who needs him?

Hank
Re: [Mailman-Users] Challenge/Response
On Fri, 09 Feb 2007 15:54:59 -0800 Bob Morse [EMAIL PROTECTED] wrote:

> Thank you all for your insights in the Challenge/Response question. I am convinced this is not the way to go. In fact, I used some of the same arguments to the client when he brought it up.
>
> The problem remains, however: How do I prevent spoofing? In this case they have a real fear due to a board member who is soon to be ejected from the board and have organizational membership taken away. They feel he is capable (both emotionally and technically) of major disturbances on one or more of about a dozen mailing lists the organization maintains. What makes this even more of a 'challenge' is that the account is on a shared server.

We are dealing with a similar situation now. Some member, or non-member, is spoofing the From: address of members to post to the lists. We have full emergency moderation turned on so all messages are reviewed before posting. And at the MTA we have instituted various other checks that help prevent messages from getting to Mailman.

There is no (easy) technology now that can prevent this. If the person is inclined to make trouble, they will. If not through the lists, then by some other means. Fundamentally, it's not a technology problem.

--Karl
Re: [Mailman-Users] Challenge/Response
Karl Zander wrote:

> Fundamentally, it's not a technology problem.

Agreed, but as others have suggested, technology can help. For example, if the 'bad guy' has a fixed IP, you can set header_filter_rules to discard messages that have that IP in a Received: header. Of course, that may just force him to go to dial-up for posting IF he figures out why his messages don't make it.

-- 
Mark Sapiro [EMAIL PROTECTED]          The highway is for gamblers,
San Francisco Bay Area, California    better use your sense - B. Dylan
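Two of the suggestions in this thread (Stephen's cross-check of Received: header IPs against the From: address for regular posters, and Mark's header_filter_rules regexp on a Received: header) can be scripted by a moderator as a pre-screen before a human looks at the held post. The following is an added example, not code from the thread or from Mailman itself; the sample messages use RFC 5737 documentation addresses and the header_filter_rules emulation is an approximation of how Mailman 2.1 renders headers before applying the regexp.

```python
"""Moderator-side checks on a post's Received: chain (added example)."""
import re
from email import message_from_string
from email.utils import parseaddr

IPV4 = re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b")

# Constructed sample posts: a genuine one relayed by the member's own
# provider, and a spoofed one that only forges the From: line.
GENUINE = """Received: from mail.example.net (mail.example.net [192.0.2.10])
    by lists.example.org (Postfix) with ESMTP id 4B2C1
    for <members@lists.example.org>; Sat, 10 Feb 2007 12:00:00 -0800
Received: from alice-pc (unknown [198.51.100.7])
    by mail.example.net (Postfix) with ESMTPA id 9F3A7
From: Alice Member <alice@example.net>
To: members@lists.example.org
Subject: Board meeting minutes

Minutes attached.
"""

SPOOFED = """Received: from badbox.example.com (badbox.example.com [203.0.113.5])
    by lists.example.org (Postfix) with ESMTP id 7D9E2
    for <members@lists.example.org>; Sat, 10 Feb 2007 12:05:00 -0800
From: Alice Member <alice@example.net>
To: members@lists.example.org
Subject: Board meeting minutes

Not really from Alice.
"""


def received_ips(raw):
    """IPv4 addresses from every Received: header, outermost hop (the one
    added by the list server itself) first, duplicates removed."""
    msg = message_from_string(raw)
    seen = []
    for hdr in msg.get_all("Received", []):
        for ip in IPV4.findall(hdr):
            if ip not in seen:
                seen.append(ip)
    return seen


def matches_header_rule(raw, pattern):
    """Approximation of a Mailman 2.1 header_filter_rules regexp: headers are
    rendered one per line as 'Name: value' and the pattern is searched
    case-insensitively in multiline mode (assumption about Mailman's exact
    rendering; check SpamDetect.py in your own install)."""
    msg = message_from_string(raw)
    text = "".join("%s: %s\n" % (k, v) for k, v in msg.items())
    return re.search(pattern, text, re.IGNORECASE | re.MULTILINE) is not None


def moderation_verdict(raw, known_sources):
    """'accept' when the innermost Received: IP is one the From: address is
    known to post from; otherwise 'hold' for a human moderator.  Only the
    list server's own Received: line is trustworthy, so a forged inner hop
    still needs the human review the thread recommends."""
    msg = message_from_string(raw)
    sender = parseaddr(msg.get("From", ""))[1].lower()
    hops = received_ips(raw)
    origin = hops[-1] if hops else None
    if origin and origin in known_sources.get(sender, set()):
        return "accept"
    return "hold"
```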
Re: [Mailman-Users] Challenge/Response
On Sat, 10 Feb 2007 12:18:26 -0800 Mark Sapiro [EMAIL PROTECTED] wrote:

> Karl Zander wrote:
>
>> Fundamentally, it's not a technology problem.
>
> Agreed, but as others have suggested, technology can help.

Yes. I didn't mean to imply it could not. We are using technology to help us manage the situation and it's being effective. But you have to be prepared to ride out the emotional part of this. And if you do clamp down the lists, the person may go after softer parts of the organization if they are inclined to make trouble. We have seen our interloper move on to a sister organization's lists.

--Karl
Re: [Mailman-Users] Challenge/response
Bob Morse wrote:

> I have a client who is concerned about his list subscriber addresses being spoofed. In other words someone who knows the addresses of people on the list can set up a mail server and spoof the subscriber so he can post nasty things to the list.
>
> He would like to set up a challenge/response mechanism so that when [EMAIL PROTECTED] posts to the list, [EMAIL PROTECTED] gets sent a copy of the message and must confirm that he/she was the sender before it gets posted.
>
> I don't see any configuration in Mailman for this. Is it possible?
>
> BTW, searching the archives at mail-archive.com gets a 404 error.

Realize that should you implement Challenge/Response, your server WILL be blacklisted by various DNSBLs out there. Backscatter is indistinguishable from spam to spamtraps.

-- 
Jay Chandler
Network Administrator, Chapman University
714.628.7249 / [EMAIL PROTECTED]
Today's Excuse: positron router malfunction
Re: [Mailman-Users] Challenge/Response
Thank you all for your insights in the Challenge/Response question. I am convinced this is not the way to go. In fact, I used some of the same arguments to the client when he brought it up.

The problem remains, however: How do I prevent spoofing? In this case they have a real fear due to a board member who is soon to be ejected from the board and have organizational membership taken away. They feel he is capable (both emotionally and technically) of major disturbances on one or more of about a dozen mailing lists the organization maintains. What makes this even more of a 'challenge' is that the account is on a shared server.
Re: [Mailman-Users] Challenge/Response
At 3:54 PM -0800 2/9/07, Bob Morse wrote:

> The problem remains, however: How do I prevent spoofing?

If the problem is that sensitive, then your only option that I can see is to use human moderation. For each message that comes in, you have a human look at it to see if it's legitimate or not, and take appropriate action.

> In this case they have a real fear due to a board member who is soon to be ejected from the board and have organizational membership taken away. They feel he is capable (both emotionally and technically) of major disturbances on one or more of about a dozen mailing lists the organization maintains.

Turn on emergency moderation for all lists, until the emergency has passed.

> What makes this even more of a 'challenge' is that the account is on a shared server.

If he can get onto your shared server, then you've got much, much bigger problems. In that case, there's nothing that Mailman can do to save your soul.

-- 
Brad Knowles [EMAIL PROTECTED], Consultant Author
Co-author of SAGE Booklet #15 Internet Postmaster: Duties and Responsibilities
Founding Member and Platinum Individual Sponsor of LOPSA: http://www.lopsa.org
Papers: http://tinyurl.com/tj6q4
LinkedIn Profile: http://tinyurl.com/y8kpxu
[Mailman-Users] Challenge/response
I have a client who is concerned about his list subscriber addresses being spoofed. In other words someone who knows the addresses of people on the list can set up a mail server and spoof the subscriber so he can post nasty things to the list.

He would like to set up a challenge/response mechanism so that when [EMAIL PROTECTED] posts to the list, [EMAIL PROTECTED] gets sent a copy of the message and must confirm that he/she was the sender before it gets posted.

I don't see any configuration in Mailman for this. Is it possible?

BTW, searching the archives at mail-archive.com gets a 404 error.
Re: [Mailman-Users] Challenge/response
On 2/8/07, Bob Morse [EMAIL PROTECTED] wrote:

> I have a client who is concerned about his list subscriber addresses being spoofed. In other words someone who knows the addresses of people on the list can set up a mail server and spoof the subscriber so he can post nasty things to the list.
>
> He would like to set up a challenge/response mechanism so that when [EMAIL PROTECTED] posts to the list, [EMAIL PROTECTED] gets sent a copy of the message and must confirm that he/she was the sender before it gets posted.
>
> I don't see any configuration in Mailman for this. Is it possible?

So far as I know, this isn't possible in Mailman. You'd have to modify the code. If you think you're up to it, other folk should be able to give you some pointers as to the best way to do this.

-- 
- Patrick Bogen
Re: [Mailman-Users] Challenge/response
Bob Morse wrote:

> BTW, searching the archives at mail-archive.com gets a 404 error.

I see that too, but that is a www.mail-archive.com issue. We can't do anything about it.

See http://www.python.org/cgi-bin/faqw-mm.py?req=show&file=faq01.018.htp for info on searching http://mail.python.org/pipermail/mailman-users/ with Google.

-- 
Mark Sapiro [EMAIL PROTECTED]          The highway is for gamblers,
San Francisco Bay Area, California    better use your sense - B. Dylan
Re: [Mailman-Users] Challenge/response
At 1:40 PM -0800 2/8/07, Bob Morse wrote:

> He would like to set up a challenge/response mechanism so that when [EMAIL PROTECTED] posts to the list, [EMAIL PROTECTED] gets sent a copy of the message and must confirm that he/she was the sender before it gets posted.
>
> I don't see any configuration in Mailman for this. Is it possible?

Challenge/response is one of the most vile inventions that has ever been applied to the concept of Internet e-mail. I would violently oppose any integration of such features into any project I was involved with.

At the very least, you would have to be very, very careful how such a system was created, so as to avoid the problem where the cure is far worse than any possible disease that you might have.

-- 
Brad Knowles [EMAIL PROTECTED], Consultant Author
Co-author of SAGE Booklet #15 Internet Postmaster: Duties and Responsibilities
Founding Member and Platinum Individual Sponsor of LOPSA: http://www.lopsa.org
Papers: http://tinyurl.com/tj6q4
LinkedIn Profile: http://tinyurl.com/y8kpxu
Re: [Mailman-Users] Challenge/response
Quoting Brad Knowles ([EMAIL PROTECTED]):

> At 1:40 PM -0800 2/8/07, Bob Morse wrote:
>
>> He would like to set up a challenge/response mechanism so that when [EMAIL PROTECTED] posts to the list, [EMAIL PROTECTED] gets sent a copy of the message and must confirm that he/she was the sender before it gets posted.
>>
>> I don't see any configuration in Mailman for this. Is it possible?
>
> Challenge/response is one of the most vile inventions that has ever been applied to the concept of Internet e-mail. I would violently oppose any integration of such features into any project I was involved with.

Somebody should integrate PGP signing into Mailman (as an option) so that you could set it up so when you subscribe to a list you give it your public key, and you can't post to the list unless the message is PGP signed by that key.

<rant>
Digital signatures on email is something that is extremely overdue. PGP signatures have been grafted on in a half-assed way, but someday either no mail will travel unless it's been correctly signed or email will disappear as a viable means of communication because of the spam problem.
</rant>

-- 
Paul Tomblin [EMAIL PROTECTED] http://blog.xcski.com/
Belligerent Design: The theory that life was put on this planet by an external sentient force just to piss me off. - Lore Brand Comics
Re: [Mailman-Users] Challenge/response
Brad Knowles writes:

> Challenge/response is one of the most vile inventions that has ever been applied to the concept of Internet e-mail.

*chuckle* I wouldn't go so far, since the spam that evoked it is far worse, but I'm steadfastly opposed to challenge-response. If you absolutely *must* do this thing, be prepared to get violent responses and to lose mail from people that you'd really like to get mail from.

Now that you're properly warned, I believe that there is a description of how to integrate TMDA, a popular Python-based challenge-response system, into Mailman in the Mailman FAQ wizard. If not, I suppose there would be one on the TMDA home page.
Re: [Mailman-Users] Challenge/response
> I have a client who is concerned about his list subscriber addresses being spoofed. In other words someone who knows the addresses of people on the list can set up a mail server and spoof the subscriber so he can post nasty things to the list.
>
> He would like to set up a challenge/response mechanism so that when [EMAIL PROTECTED] posts to the list, [EMAIL PROTECTED] gets sent a copy of the message and must confirm that he/she was the sender before it gets posted.
>
> I don't see any configuration in Mailman for this. Is it possible?

Challenge-response is a well-known spam relay issue, and very undesirable.

Mailman privacy options allow you to force moderation of mail purportedly coming from specific addresses. You should also investigate methods using your MTA or adding a filter to the mailman address input, and not even think about challenge-response.

Hank