Controlling backscatter spam in Mailman
By default, Mailman -- which is installed by default in Virtualmin as your mailing list manager, exhibits some nasty behavior, being open to sending "backscatter" spam. This means that the Bad Guys send fraudulent messages "from" the email address they actually want to send spam to; Mailman rejects those messages, basically sending a bounce message to the victim.
The mechanism the spammers use is left over from the days before web interfaces. Nowadays, your subscribers interact with Mailman almost exclusively via its HTTP interface. Other than actual postings from subscribed members, and messages to the list owner, there is little or no reason to keep the vestigial email aliases.
To disable the vulnerable aliases:
With Virtualmin, go into the Webmin interface, under Servers; Postfix Mail Server; and click on the Aliases icon. You should see, for example, defined among the email addresses:
yourlist-example.com Program /usr/lib/mailman/mail/mailman post yourlist <strong>yourlist-admin-example.com Program /usr/lib/mailman/mail/mailman admin yourlist</strong> yourlist-bounces-example.com Program /usr/lib/mailman/mail/mailman bounces yourlist <strong>yourlist-confirm-example.com Program /usr/lib/mailman/mail/mailman confirm yourlist yourlist-join-example.com Program /usr/lib/mailman/mail/mailman join yourlist yourlist-leave-example.com Program /usr/lib/mailman/mail/mailman leave yourlist </strong>yourlist-owner-example.com Program /usr/lib/mailman/mail/mailman owner yourlist <strong>yourlist-request-example.com Program /usr/lib/mailman/mail/mailman request yourlist yourlist-subscribe-example.com Program /usr/lib/mailman/mail/mailman subscribe yourlist yourlist-unsubscribe-example.com Program /usr/lib/mailman/mail/mailman unsubscribe yourlist</strong>
for "firstname.lastname@example.org" ... I recommend you disable these aliases shown in bold above:
You also need to edit /etc/postfix/virtual -- or in Webmin, open "Servers" and click on "Postfix Mail Server" then click on the "Virtual Domains" icon:
and delete the virtual mappings for all the addresses you just removed.
You will want to do this for each mailing list on your system.