Controlling backscatter spam in Mailman


By default, Mailman -- which is installed by default in Virtualmin as your mailing list manager, exhibits some nasty behavior, being open to sending "backscatter" spam. This means that the Bad Guys send fraudulent messages "from" the email address they actually want to send spam to; Mailman rejects those messages, basically sending a bounce message to the victim.

The mechanism the spammers use is left over from the days before web interfaces. Nowadays, your subscribers interact with Mailman almost exclusively via its HTTP interface. Other than actual postings from subscribed members, and messages to the list owner, there is little or no reason to keep the vestigial email aliases.

To disable the vulnerable aliases:

With Virtualmin, go into the Webmin interface, under Servers; Postfix Mail Server; and click on the Aliases icon. You should see, for example, defined among the email addresses:    Program /usr/lib/mailman/mail/mailman post yourlist
<strong>      Program /usr/lib/mailman/mail/mailman admin yourlist</strong>    Program /usr/lib/mailman/mail/mailman bounces yourlist
<strong>    Program /usr/lib/mailman/mail/mailman confirm yourlist       Program /usr/lib/mailman/mail/mailman join yourlist      Program /usr/lib/mailman/mail/mailman leave yourlist
</strong>     Program /usr/lib/mailman/mail/mailman owner yourlist
<strong>    Program /usr/lib/mailman/mail/mailman request yourlist  Program /usr/lib/mailman/mail/mailman subscribe yourlist        Program /usr/lib/mailman/mail/mailman unsubscribe yourlist</strong>

for "" ... I recommend you disable these aliases shown in bold above:

-admin-, -confirm-, -join-, -leave-, -request-, -subscribe-, -unsubscribe-.

You also need to edit /etc/postfix/virtual -- or in Webmin, open "Servers" and click on "Postfix Mail Server" then click on the "Virtual Domains" icon:

and delete the virtual mappings for all the addresses you just removed.

You will want to do this for each mailing list on your system.

Mailman membership reminder


Here's a little script you can add to your crontab, to periodically email the administrators of each mailman mailing list both the list of current members and the mailing-list's full configuration. This gives you both an audit trail of membership and the ability to restore mailing lists from the backup files in case your webhost goes awry.

mailman-reminder (Perl script)

Edit root's crontab with the command

# **crontab -e**

and add something like this:

0 3 1 * * perl /root/

Which will run the script at 03:00 on the first day of each month.