Opened 3 years ago
Closed 2 years ago
#2597 closed task (fixed)
Dangerous emails leaking into grass-web mailing list: mailman blocking fails
| Reported by: | neteler | Owned by: | |
|---|---|---|---|
| Priority: | critical | Milestone: | Unplanned |
| Component: | SysAdmin | Keywords: | mailman |
| Cc: |
Description
At time, dangerous emails are leaking into the moderated "grass-web" mailing list, see https://lists.osgeo.org/pipermail/grass-web/2021-May/date.html
While I had added <noreply@…> to the mailman discard section ("Privacy" setting), filtering still fails as seen below.
Question: how to get rid of this rubbish? Can we do anything at low level?
In /var/log/mail.log there are entries like this:
May 2 17:44:15 osgeo6 postgrey[4517]: action=pass, reason=triplet found, client_name=unknown, client_address=46.183.220.114, sender=noreply@microsoftteams.uservoice.com, recipient=grass-web@lists.osgeo.org
Garbage email example:
---------- Forwarded message ---------
From: Email ADMIN <noreply@microsoftteams.uservoice.com>
Date: Thu, May 6, 2021 at 3:24 AM
Subject: [GRASS-web] lists.osgeo.org : (6)Incoming messages are blocked on your mail server.
To: <grass-web@lists.osgeo.org>
You have new held messages
Dear grass-web@lists.osgeo.org
Incoming messages are blocked on your mail server.
You have {6} blocked emails on your server waiting to deliver to grass-web@lists.osgeo.org
Enable data to retrieve messages
Click Here To Enable Data
© 2003 - 2021 WebClient Services Limited.
_______________________________________________
grass-web mailing list
grass-web@lists.osgeo.org
https://lists.osgeo.org/mailman/listinfo/grass-web
Change History (3)
comment:1 by , 3 years ago
comment:3 by , 2 years ago
| Resolution: | → fixed |
|---|---|
| Status: | new → closed |
No bad side-effects reported, looks good as the cruft disappeared. Closing.
Note:
See TracTickets
for help on using tickets.
Since this is urgent, I have made the following change (edited
KNOWN_SPAMMERS) in/usr/lib/mailman/Mailman/Defaults.py:
##### # Spam avoidance defaults ##### # This variable contains a list of 2-tuple of the format (header, regex) which # the Mailman/Handlers/SpamDetect.py module uses to match against the current # message. If the regex matches the given header in the current message, then # it is flagged as spam. header is case-insensitive and should not include # the trailing colon. regex is always matched with re.IGNORECASE. # # Note that the more searching done, the slower the whole process gets. Spam # detection is run against all messages coming to either the list, or the # -owners address, unless the message is explicitly approved. #KNOWN_SPAMMERS = [] # MN 2021, see https://mail.python.org/pipermail/mailman-users/2010-August/070027.html KNOWN_SPAMMERS = [ ('from', 'noreply at microsoftteams\.uservoice\.com'), ]Now monitoring the mailman logs in
and the list archive as well here: https://lists.osgeo.org/pipermail/grass-web/2021-May/date.html
Hopefully we won't have bad side-effects!