subject:"\[Mailman\-Users\] SPAM Control"

Re: [Mailman-Users] SPAM Control

2005-11-08 Thread Mark Sapiro

Chris Barnes wrote:
>
>I guess what I am asking is for a way to be MM to process a 
>.procmailrc - specific to each list - before distributing to the list.

I think header_filter_rules is lacking one thing that would allow your
simply dropping your procmail recipes directly in, and that is the
fact that if you list multiple re's in a rule, they are always OR'd,
not ANDed.

I have no experience with the first part of this, but it may be
possible to use your list aliases to invoke procmail instead of
mailman and then have the procmail recipes either delete the mail or
deliver it to the appropriate wrapper command. I do have experience
with delivering from procmail to mailman in a different context, and
that works well.

The specifics in my case are that all mail to a particular virtual
domain is delivered to procmail which has recipes for delivering to
various 'generic' addresses in the domain and recipes like

EnvelopeTo = $1

...

# LISTNAME mailman list
:E
* EnvelopeTo ?? ^LISTNAME$
|sudo -u mailman /var/mailman/mail/mailman post LISTNAME
:E
* EnvelopeTo ?? ^LISTNAME-admin$
|sudo -u mailman /var/mailman/mail/mailman admin LISTNAME
...

Depending on how this is set up, you may or may not need sudo and an
appropriate entry in /etc/sudoers.

Having Mailman actually invoke procmail after receiving the mail to
implement spam filtering might be doable too, although it would be
better to do it as above if possible, i.e., before the mail gets to
mailman. You could try implementing a new handler and putting it first
in the pipeline (you test with a test list with it's own pipeline
attribute and after you're satisfied, but it in GLOBAL_PIPELINE and
OWNER_PIPELINE). The handler could invoke procmail to apply the
recipes in a .procmailrc.

Another drawback to both this added handler and header_filter_rules, is
they are only applied to posts and messages to -owner and not to
messages to -bounces, etc. Thus, it is best if you can arrange to not
deliver the spam to Mailman in the first place.

-- 
Mark Sapiro <[EMAIL PROTECTED]>   The highway is for gamblers,
San Francisco Bay Area, Californiabetter use your sense - B. Dylan

--
Mailman-Users mailing list
Mailman-Users@python.org
http://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://www.python.org/cgi-bin/faqw-mm.py
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe: 
http://mail.python.org/mailman/options/mailman-users/archive%40jab.org

Security Policy: 
http://www.python.org/cgi-bin/faqw-mm.py?req=show&file=faq01.027.htp

Re: [Mailman-Users] SPAM Control

2005-11-08 Thread Chris Barnes

Mark Sapiro <[EMAIL PROTECTED]> wrote:
>
> If you want mailman to deal with it, you can use header_filter_rules
> to recognize the headers and act accordingly, but why not just delete
> the spam before it gets to mailman?

That would be fine for MailMan, but not for everyone else (MM exists on 
the main mail server with all the other users).  The users get their 
messages tagged, but not deleted. The reason for this is that no matter 
how good a spam filter is (or in our case - a combination of spam 
filters), there will occationally be the false positive.   Automatically 
deleting false positives can have disasterous effects.


I guess what I am asking is for a way to be MM to process a 
.procmailrc - specific to each list - before distributing to the list.


as an exanoke, this is what I put in my own .procmailrc to handle the 
spam header tags:

# We have 3 spam filters running on the server:
# 1) SpamAssassin (SA) adds the headers "^X-Spam-Level:" and 
"X-Spam-Status:"
#  and if the score is >5, adds "[Spam]" to the Subject line
# 2) BogoFilter adds the header "^X-Bogosity:" with values of "Yes, No, 
Unsure"
# 3) QSF adds the header "X-Spam:" with values of "YES, No".


# Begin recipes for table shown in
# http://physics.tamu.edu/services/comp_support/docs/AntiSpam.html

# Row 2, col 4
# all agree it is ham, no need for learning, but still need the rule
# so processing of this script stops.  Do this one first since 
(hopefully)
# most of the incoming email will match and speed the processing of this 
script
:0
* ^X-Bogosity:.\Ham
* ^X-Spam:.\No
* ^X-Spam-Status:.\No,.\score=-
$DEFAULT

# Not in the table, but if SA scores higher than 8, put directly in Spam 
folder
# A score of 8 or more from SA is enough on it's own to be sure it IS 
spam
:0
* ^X-Spam-Level:.\*\*\*\*\*\*\*\*
.Spam/


# Row 1, col 1
# Bogo Spam, Qsf Spam, SA ham --> not sure
:0
* ^X-Bogosity:.\Spam
* ^X-Spam:.\Yes
* ^X-Spam-Status:.\No,.\score=-
.Unsure/

# Row 1, col 2 & 3
# Bogo Spam, Qsf Spam, SA between 0 & 8 --> spam
:0
* ^X-Bogosity:.\Spam
* ^X-Spam:.\Yes
# no need to check SA score here
.Spam/

# Row 1, col 4
# Bogo yes, both SA and Qsf say Ham --> ham folder for learning
:0
* ^X-Bogosity:.\Spam
* ^X-Spam:.\No
* ^X-Spam-Status:.\No,.\score=-
.Ham/

# Row 1, col 5
# Bogo yes, SA 0-5, Qsf no  --> We're not sure
:0
* ^X-Bogosity:.\Spam
* ^X-Spam:.\No
* ^X-Spam-Status:.\No
.Unsure/

# Row 1, col 6
# Bogo yes, SA score is 5-8 (yes), put directly in Spam folder
# Qsf ranking doesn't matter if Bogo & SA are that sure.
:0
* ^X-Bogosity:.\Spam
* ^X-Spam-Level:.\*\*\*\*\*
.Spam/

# Row 2, col 1
# Bogo and SA are sure it's ham, Qsf Spam --> ham folder for learning
:0
* ^X-Bogosity:.\Ham
* ^X-Spam:.\Yes
* ^X-Spam-Status:.\No,.\score=-
.Ham/

# Row 2, col 2
# Bogo Ham, SA 0-5, Qsf yes --> We're not sure
:0
* ^X-Bogosity:.\Ham
* ^X-Spam:.\Yes
* ^X-Spam-Status:.\No
.Unsure/

# Row 2, col 3
# Bogo Ham, SA 5-8, Qsf yes --> We're not sure
:0
* ^X-Bogosity:.\Ham
* ^X-Spam:.\Yes
* ^X-Spam-Status:.\Yes
.Unsure/

# Row 2, col 5
# Bogo no, SA 0-5, Qsf no  --> Ham for learning
:0
* ^X-Bogosity:.\Ham
* ^X-Spam:.\No
* ^X-Spam-Status:.\No
.Ham/

# Row 2, col 6
# Bogo no, SA 5-8, Qsf no  --> Not sure
:0
* ^X-Bogosity:.\Ham
* ^X-Spam:.\No
* ^X-Spam-Status:.\Yes
.Unsure/

# Row 3, col 1
# Bogo Unsure, SA negative, Qsf yes --> Unsure
:0
* ^X-Bogosity:.\Unsure
* ^X-Spam:.\Yes
* ^X-Spam-Status:.\No,.\score=-
.Unsure/

# Row 3, col 2
# Bogo Unsure, SA 0-5, Qsf yes --> more likely, but still Unsure
:0
* ^X-Bogosity:.\Unsure
* ^X-Spam:.\Yes
* ^X-Spam-Status:.\No
.Unsure/

# Row 3, col 3
# Bogo Unsure, SA 5-8, Qsf yes --> sure enough to put in Spam
:0
* ^X-Bogosity:.\Unsure
* ^X-Spam:.\Yes
* ^X-Spam-Status:.\Yes
.Spam/

# Row 3, col 4 & 5 (together)
# Bogo unsure, SA & Qsf say ham --> Ham for learning
:0
* ^X-Bogosity:.\Unsure
* ^X-Spam:.\No
* ^X-Spam-Status:.\No
.Ham/

# Row 3, col 6
# Bogo unsure, SA 5-8, Qsf No --> Unsure (only SA says yes)
:0
* ^X-Bogosity:.\Unsure
* ^X-Spam:.\No
* ^X-Spam-Status:.\Yes
.Unsure/


--

+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Chris Barnes   AOL IM: CNBarnes
[EMAIL PROTECTED]Yahoo IM: chrisnbarnes



--
Mailman-Users mailing list
Mailman-Users@python.org
http://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://www.python.org/cgi-bin/faqw-mm.py
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe: 
http://mail.python.org/mailman/options/mailman-users/archive%40jab.org

Security Policy: 
http://www.python.org/cgi-bin/faqw-mm.py?req=show&file=faq01.027.htp

Re: [Mailman-Users] SPAM Control

2005-11-07 Thread Mark Sapiro

Chris Barnes wrote:
>
>Hmm.  I just got done searching the archives and am still not sure what 
>to do.  On our mail server (which also has Mailman installed) we have 3 
>anti-spam packages installed (SpamAssassin, qsf, & Bogofilter).  The 
>combo of all three make for a very effective system.
>
>What I don't see is a way to get MM to utilize the headers created by 
>the 3 packages.


If you want mailman to deal with it, you can use header_filter_rules to
recognize the headers and act accordingly, but why not just delete the
spam before it gets to mailman?

-- 
Mark Sapiro <[EMAIL PROTECTED]>   The highway is for gamblers,
San Francisco Bay Area, Californiabetter use your sense - B. Dylan

--
Mailman-Users mailing list
Mailman-Users@python.org
http://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://www.python.org/cgi-bin/faqw-mm.py
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe: 
http://mail.python.org/mailman/options/mailman-users/archive%40jab.org

Security Policy: 
http://www.python.org/cgi-bin/faqw-mm.py?req=show&file=faq01.027.htp

Re: [Mailman-Users] SPAM Control

2005-11-07 Thread David Gibbs

Christopher X. Candreva wrote:
> If you aren't already, DNSbl's to block connects from dynamic IPs, known 
> infected networks, spammers, etc. We're using combined.njabl.org, 
> sbl-xbl.spamhaus.org, and list.dsbl.org

In addition, I've found that greylisting the -admin, -join, -owner,
-request, and -subscribe, email addresses does a wonderful job of
reducing the drek that gets sent to the lists.

I've only had to greylist those addresses for 2 minutes to see good results.

david

--
Mailman-Users mailing list
Mailman-Users@python.org
http://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://www.python.org/cgi-bin/faqw-mm.py
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe: 
http://mail.python.org/mailman/options/mailman-users/archive%40jab.org

Security Policy: 
http://www.python.org/cgi-bin/faqw-mm.py?req=show&file=faq01.027.htp

Re: [Mailman-Users] SPAM Control

2005-11-07 Thread Chris Barnes

Brad Knowles <[EMAIL PROTECTED]> wrote:
> At 10:27 AM -0600 2005-11-04, [EMAIL PROTECTED] wrote:
>
>>  I'm an AMD-64 Gentoo Linux, Postfix, Mailman server - does anyone
>>  have any suggestions for a system wide anti-spam tool that
>> integrates well?
>
> There are some good things in the FAQ Wizard showing you how to
> integrate postfix, amavisd-new, SpamAssassin, ClamAV, etc... into
> your mail server configuration, and Mailman 2.1.6 adds some features
> to help make better use of the anti-spam information that it is fed
> by such tools.
>
> You should also search the archives of the list.

Hmm.  I just got done searching the archives and am still not sure what 
to do.  On our mail server (which also has Mailman installed) we have 3 
anti-spam packages installed (SpamAssassin, qsf, & Bogofilter).  The 
combo of all three make for a very effective system.

What I don't see is a way to get MM to utilize the headers created by 
the 3 packages.

--

+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Chris Barnes   AOL IM: CNBarnes
[EMAIL PROTECTED]Yahoo IM: chrisnbarnes



--
Mailman-Users mailing list
Mailman-Users@python.org
http://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://www.python.org/cgi-bin/faqw-mm.py
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe: 
http://mail.python.org/mailman/options/mailman-users/archive%40jab.org

Security Policy: 
http://www.python.org/cgi-bin/faqw-mm.py?req=show&file=faq01.027.htp

Re: [Mailman-Users] SPAM Control

2005-11-04 Thread Brad Knowles

At 10:27 AM -0600 2005-11-04, [EMAIL PROTECTED] wrote:

>  I'm an AMD-64 Gentoo Linux, Postfix, Mailman server - does anyone have any
>  suggestions for a system wide anti-spam tool that integrates well?

There are some good things in the FAQ Wizard showing you how to 
integrate postfix, amavisd-new, SpamAssassin, ClamAV, etc... into 
your mail server configuration, and Mailman 2.1.6 adds some features 
to help make better use of the anti-spam information that it is fed 
by such tools.

You should also search the archives of the list.

On the python.org machines where the Mailman-related mailing 
lists are run, we use postfix pluss the python package SpamBayes, and 
that usually works pretty well -- although it does require periodic 
retraining.

-- 
Brad Knowles, <[EMAIL PROTECTED]>

"Those who would give up essential Liberty, to purchase a little
temporary Safety, deserve neither Liberty nor Safety."

 -- Benjamin Franklin (1706-1790), reply of the Pennsylvania
 Assembly to the Governor, November 11, 1755

   SAGE member since 1995.  See  for more info.
--
Mailman-Users mailing list
Mailman-Users@python.org
http://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://www.python.org/cgi-bin/faqw-mm.py
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe: 
http://mail.python.org/mailman/options/mailman-users/archive%40jab.org

Security Policy: 
http://www.python.org/cgi-bin/faqw-mm.py?req=show&file=faq01.027.htp

Re: [Mailman-Users] SPAM Control

2005-11-04 Thread Ivan Fetch

Hi Kevin,

Where would you like the spam to be put instead of the hold directory? 
If the spam is filtered to some other folder, there will still be 
something  which will need to be cleaned at some point.  There's always the 
"Discard 
held messages older than this number of days" option in mailman 2.1.6.


Thanks - Ivan.



On Fri, 4 Nov 2005 [EMAIL PROTECTED] wrote:

> Alas, much simplier Ivan:  Most of my list only allow members to post.
> Most spammers don't bother to subscribe, so their e-mails get deferred.
> Every morning at 8am I get a note telling me how many are pending...
>
> What I'm looking for is something that could sit between Postfix and
> Mailman and filter most of this "stuff" out.  I'm risk adverse, so would
> like it routed somewhere instead of being dropped automatically, but
> protecting all my lists (and users) would be cool.
>
> Kevin
>
>> Hi Kevin,
>>
>> I'm curious, how are you filtering spam - with a spam filtering rule
>> that matches a particular header and holds the message?  If so, do you
>> have lists configured to send notifications for held messages?  We found
>> that this of course generates backscatter ("your message has been held"
>> outbound emails to addresses which are forged or do not exist) - we are
>> looking for other ways to (perhaps) forward emails matching a spam rule to
>> the listname-owner address with a note somewhere about why the owners are
>> receiving the message.
>>
>>
>> Thanks - Ivan.
>>
>>
>> On Fri, 4 Nov 2005 [EMAIL PROTECTED] wrote:
>>
>>> All -
>>>
>>> Although Mailman does a great job blocking SPAM from my users, the daily
>>> task of purging all defered e-mails (SPAM 99.9% of the time) is growing
>>> weary.
>>>
>>> I'm an AMD-64 Gentoo Linux, Postfix, Mailman server - does anyone have
>>> any
>>> suggestions for a system wide anti-spam tool that integrates well?
>>>
>>> Kevin
>>>
>>>
>>
>
>
>
--
Mailman-Users mailing list
Mailman-Users@python.org
http://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://www.python.org/cgi-bin/faqw-mm.py
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe: 
http://mail.python.org/mailman/options/mailman-users/archive%40jab.org

Security Policy: 
http://www.python.org/cgi-bin/faqw-mm.py?req=show&file=faq01.027.htp

Re: [Mailman-Users] SPAM Control

2005-11-04 Thread Darren G Pifer

On Fri, 2005-11-04 at 11:27, [EMAIL PROTECTED] wrote:
> All -
> 
> Although Mailman does a great job blocking SPAM from my users, the daily
> task of purging all defered e-mails (SPAM 99.9% of the time) is growing
> weary.
> 
> I'm an AMD-64 Gentoo Linux, Postfix, Mailman server - does anyone have any
> suggestions for a system wide anti-spam tool that integrates well?

We, at Old Dominion University, use CanItPRO software from Roaring
Penguin (www.roaringpenguin.com). They have a freeware version, CanIt,
but the university bought the full blown version of the software and
support for about $40k for 3 years. We run Red Hat Enterprise Linux,
sendmail, mailman and CanItPRO on 3 clustered mail machines with a
Solaris machine running a PostgreSQL database. We have used the product
since March this year and are pleased with it. We are still trying to
get max use out of the product. They are a small company but have been
around for awhile. For instance, the guy who wrote MIMEDefang is
president of the company and have maybe 10 people in the company.

You may find other products that do well but cost more as well. You may
want to contact them if you are interested.

Darren

--
Mailman-Users mailing list
Mailman-Users@python.org
http://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://www.python.org/cgi-bin/faqw-mm.py
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe: 
http://mail.python.org/mailman/options/mailman-users/archive%40jab.org

Security Policy: 
http://www.python.org/cgi-bin/faqw-mm.py?req=show&file=faq01.027.htp

Re: [Mailman-Users] SPAM Control

2005-11-04 Thread Ivan Fetch

Hi Kevin,

I'm curious, how are you filtering spam - with a spam filtering rule 
that matches a particular header and holds the message?  If so, do you 
have lists configured to send notifications for held messages?  We found 
that this of course generates backscatter ("your message has been held" 
outbound emails to addresses which are forged or do not exist) - we are 
looking for other ways to (perhaps) forward emails matching a spam rule to 
the listname-owner address with a note somewhere about why the owners are 
receiving the message.

Thanks - Ivan.

On Fri, 4 Nov 2005 [EMAIL PROTECTED] wrote:

> All -
>
> Although Mailman does a great job blocking SPAM from my users, the daily
> task of purging all defered e-mails (SPAM 99.9% of the time) is growing
> weary.
>
> I'm an AMD-64 Gentoo Linux, Postfix, Mailman server - does anyone have any
> suggestions for a system wide anti-spam tool that integrates well?
>
> Kevin
>
>
--
Mailman-Users mailing list
Mailman-Users@python.org
http://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://www.python.org/cgi-bin/faqw-mm.py
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe: 
http://mail.python.org/mailman/options/mailman-users/archive%40jab.org

Security Policy: 
http://www.python.org/cgi-bin/faqw-mm.py?req=show&file=faq01.027.htp

Re: [Mailman-Users] SPAM Control

2005-11-04 Thread Christopher X. Candreva

On Fri, 4 Nov 2005 [EMAIL PROTECTED] wrote:

> I'm an AMD-64 Gentoo Linux, Postfix, Mailman server - does anyone have any
> suggestions for a system wide anti-spam tool that integrates well?

If you aren't already, DNSbl's to block connects from dynamic IPs, known 
infected networks, spammers, etc. We're using combined.njabl.org, 
sbl-xbl.spamhaus.org, and list.dsbl.org

Forgive me if this is obvious, but make sure you have anti-virus running to. 
ClamAV does a great job, for free.

==
Chris Candreva  -- [EMAIL PROTECTED] -- (914) 967-7816
WestNet Internet Services of Westchester
http://www.westnet.com/
--
Mailman-Users mailing list
Mailman-Users@python.org
http://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://www.python.org/cgi-bin/faqw-mm.py
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe: 
http://mail.python.org/mailman/options/mailman-users/archive%40jab.org

Security Policy: 
http://www.python.org/cgi-bin/faqw-mm.py?req=show&file=faq01.027.htp

[Mailman-Users] SPAM Control

2005-11-04 Thread kevinc

All -

Although Mailman does a great job blocking SPAM from my users, the daily
task of purging all defered e-mails (SPAM 99.9% of the time) is growing
weary.

I'm an AMD-64 Gentoo Linux, Postfix, Mailman server - does anyone have any
suggestions for a system wide anti-spam tool that integrates well?

Kevin

--
Mailman-Users mailing list
Mailman-Users@python.org
http://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://www.python.org/cgi-bin/faqw-mm.py
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe: 
http://mail.python.org/mailman/options/mailman-users/archive%40jab.org

Security Policy: 
http://www.python.org/cgi-bin/faqw-mm.py?req=show&file=faq01.027.htp

Re: [Mailman-Users] SPAM Control

Re: [Mailman-Users] SPAM Control

Re: [Mailman-Users] SPAM Control

Re: [Mailman-Users] SPAM Control

Re: [Mailman-Users] SPAM Control

Re: [Mailman-Users] SPAM Control

Re: [Mailman-Users] SPAM Control

Re: [Mailman-Users] SPAM Control

Re: [Mailman-Users] SPAM Control

Re: [Mailman-Users] SPAM Control

[Mailman-Users] SPAM Control

11 matches

Site Navigation

Mail list logo

Footer information