Hi Everyone,
It is interesting that you guys are talking about this. We were looking at this late 2016 and again mid-2017 because we were getting reports from our Security team that we were confirming messages by our bounce backs. We changed the settings in the Site Configuration to No for BOUNCE_VIRUS and left BOUNCE_SPAM unset since we are using something else for Spam.
Later I realized that we may want to look at the following templates, but then realized that it would be a lot of time which would stall the current project to upgrade our system and scrapped it. I am sure our security team would love if we could address it in another way as well.
* MSG_POSTING_REJECT_SPAM_DETECTED
* MSG_POSTING_REJECT_BAD_ATTACHMENT
* MSG_POSTING_REJECT_CONTENTFILTER
* MSG_POSTING_REJECT_DIGESTREPLY
* MSG_POSTING_REJECT_DUPMSG
* MSG_POSTING_REJECT_EMPTYJOB
* MSG_POSTING_REJECT_EMPTYMSG
Those are just some of the noted templates that I found might be related to it, but again did not have the go ahead to research it more than that for the project currently going on at the time. Any additional guidance in how to address that would be great, if there is anything beyond what we are currently doing.
That was something I was hoping a new HTML5 version that I think is being worked on would help to address (as well as accessibility concerns).
Thank you for your time,
Adam L. Arthur
From: LISTSERV Site Administrators' Forum <[log in to unmask]> On Behalf Of Shinn Wu
Sent: Friday, November 02, 2018 2:38 PM
To: [log in to unmask]
Subject: Re: non-authorized messages
Hello,
We also have a problem in spam hitting target lists. It increased disk IO significant because ListServ created thousands of confirmation requests on disk. We received more than 26,000 such kinds of spams since yesterday (close to 800 per hour). I blocked the domain from gateway because the spams faked one (China) domain. We do not worry too much about many (if any) legitimate email from that domain.
Shinn
________________________________
From: LISTSERV Site Administrators' Forum <[log in to unmask]<mailto:[log in to unmask]>> on behalf of Lawrence Finch <[log in to unmask]<mailto:[log in to unmask]>>
Sent: Friday, November 2, 2018 11:11:51 AM
To: [log in to unmask]<mailto:[log in to unmask]>
Subject: Re: non-authorized messages
Several years ago we had a problem with "bounce back" spam. Spammers were sending spam messages to the list, with return addresses of real people (addresses not on our list, just random email addresses). At its peak we were getting 300/hour. This did not sit well with spam blocking databases, as you would expect, or the people who got the bounced messages sent to their forged return addresses. We solved the problem in postfix by adding active filtering to incoming messages that analyzed the headers of the messages and just dropped ones that didn't look right. The filters are quite complex, but they do the job nicely.
I wonder if there is a better way to do this today?
Larry
On Nov 2, 2018, at 12:51 PM, Peter M. Weiss <[log in to unmask]<mailto:[log in to unmask]>> wrote:
Well if they are spoofed, then they would be a joe-job which could be much more than an annoyance.
--
Pete
________________________________
To unsubscribe from the LSTSRV-L list, click the following link:
http://peach.ease.lsoft.com/scripts/wa-PEACH.exe?SUBED1=LSTSRV-L&A=1
--
Larry Finch
[log in to unmask]<mailto:[log in to unmask]>
________________________________
To unsubscribe from the LSTSRV-L list, click the following link:
http://peach.ease.lsoft.com/scripts/wa-PEACH.exe?SUBED1=LSTSRV-L&A=1
________________________________
To unsubscribe from the LSTSRV-L list, click the following link:
http://peach.ease.lsoft.com/scripts/wa-PEACH.exe?SUBED1=LSTSRV-L&A=1
############################
To unsubscribe from the LSTSRV-L list:
write to: mailto:[log in to unmask]
or click the following link:
http://peach.ease.lsoft.com/scripts/wa-PEACH.exe?SUBED1=LSTSRV-L&A=1