[FQuest Announce] Bounce spam protection for ezmlm-idx
Bruce
01-13-2007, 11:16 PM
It has been brought to our attention that spammers, in yet another way to spread their junk, are sending messages to administrative addresses for ezmlm-idx mailing lists using a forged sender address. This results in ezmlm-idx sending the entire spam message in the reply to the forged sender address, but with the site's address showing up as the actual sender. As a result, FutureQuest has modified the behavior of ezmlm-idx to protect site owners from such "bounce spam" attacks on their lists.
With the new behavior, ezmlm-idx will no longer copy the entire original message into the response. Instead, it will limit the number of lines that get copied, and by default only the header will get copied.
To alter this new default behavior, create a file /big/dom/XDOM/SHELL/LIST/copylines containing the number of lines of the message to copy into responses. The header is unconditionally copied as a mechanism for debugging administrative problems.
--
Bruce
www.FutureQuest.net
Do I have to do anything to my lists for this, or is it already done 'in the background'?
sheila
01-14-2007, 10:01 AM
Do I have to do anything to my lists for this, or is it already done 'in the background'?
The latter.
Nothing to do here...move along...
:whistle:
ffurtado
01-14-2007, 11:21 AM
We chose to make our ezmlm-idx mailing list "moderated" so that we can reject any inappropriate or spam message and prevent it from reaching our subscriber membership.
If we understand your ezmlm modification correctly, we will still receive failure notices from FutureQuest when a Spammer attempts to subscribe to our list with a forged email address. The difference being that we will receive a few lines in the failure notice instead of the entire Spammer message.
So, unfortunately we will continue to get all those annoying failure notice messages. I wish ezmlm had a challenge system (like your forum) so that a person must type in a series of letters or numbers before the subscription to the ezmlm list would be accepted.
Bruce
01-15-2007, 12:37 AM
If we understand your ezmlm modification correctly, we will still receive failure notices from FutureQuest when a Spammer attempts to subscribe to our list with a forged email address.
Under normal circumstances, neither you nor anybody else would receive failure notices when a spammer (or anybody else) attempts to subscribe to one of your mailing lists with a forged email address. If that subscription attempt is forged to come from your domain, you would still not get a failure notice, as ezmlm-idx would send a subscription confirmation to you first.
The difference being that we will receive a few lines in the failure notice instead of the entire Spammer message.
Failure messages (bounces) are unchanged by this modification.
So, unfortunately we will continue to get all those annoying failure notice messages.
I'm not sure what you are referring to here. Ezmlm-idx has been designed to avoid involving the list managers in its automated operations, and this includes automatically dealing with bounce messages. What kind of failure messages are you receiving?
ffurtado
01-16-2007, 11:47 PM
Here is a typical "failure notice" I received from FutureQuest. I believe this is the result of a Spammer using the admin help function of ezmlm-idx. I also receive failure notices when confirmation email cannot be sent to the forged email address.
FROM: MAILER-DAEMON@astro.futurequest.net
TO: mydomain-return-@lists.mydomain
SUBJECT: failure notice
Hi. This is the qmail-send program at astro.futurequest.net. I'm afraid I wasn't able to deliver your message to the following addresses. This is a permanent error; I've given up. Sorry it didn't work out.
<greenestrecommendation's@accord-invest.ru>:
213.33.153.86 does not like recipient.
Remote host said: 550 5.2.1 Mailbox unavailable. This server does not accept mails to this SMTP address (greenestrecommendation's@accord-invest.ru).
Giving up on 213.33.153.86.
--- Below this line is a copy of the message.
Return-Path: <mydomain-return-@lists.mydomain>
Received: (qmail 22545 invoked by uid 50647); 14 Jan 2007 17:57:44 -0000
Mailing-List: contact mydomain-help@lists.mydomain; run by ezmlm
List-Help: <mailto:mydomain-help@lists.mydomain>
List-Post: <mailto:mydomain@lists.mydomain>
List-Subscribe: <mailto:mydomain-subscribe@lists.mydomain>
Date: 14 Jan 2007 17:57:44 -0000
Message-ID: <1168797464.27809.ezmlm@lists.mydomain>
From: mydomain-return-@lists.mydomain
To: greenestrecommendation's@accord-invest.ru
Delivered-To: responder for mydomain@lists.mydomain
Received: (qmail 13268 invoked from network); 14 Jan 2007 17:57:44 -0000
Received: from server73.appriver.com ([85.107.9.235])
by astro.futurequest.net ([69.5.28.104])
with ESMTP via TCP; 14 Jan 2007 17:57:37 -0000
Received: from 213.33.153.86 (HELO ms.accord-invest.ru)
by mlm.mydomain with esmtp (DQ@>E**J: ,ES>;:)
id Z30169-,2*W1-->8
for mydomain-help@mlm.mydomain; Sun, 14 Jan 2007 18:00:11 -0120
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Subject: Help for mydomain@lists.mydomain
Hello Member! This is an automated message generated by our email list program. mydomain@lists.mydomain mailing list. You can reach the webmaster (list owner) at mydomain-owner@lists.mydomain. This is a generic help message. To receive this message simply
send any email to <mydomain-help@lists.mydomain>.
Here is a list of the command addresses supported:
Send mail to the following for info and FAQ for this list:
<mydomain-info@lists.mydomain>
<mydomain-faq@lists.mydomain>
The messages do not really need to be empty, but I will ignore their content. Only the ADDRESS you send to is important.
You can start a subscription for an alternate address, for example "john@example.com", just add a hyphen and your address (with '=' instead of '@') after the command word: <mydomain-subscribe-john=example.com@lists.mydomain>
To stop subscription for this address, mail: <mydomain-unsubscribe-john=example.com@lists.mydomain>
Return-Path: <greenestrecommendation's@accord-invest.ru>
Received: (qmail 13268 invoked from network); 14 Jan 2007 17:57:44 -0000
Received: from server73.appriver.com ([85.107.9.235])
by astro.futurequest.net ([69.5.28.104])
with ESMTP via TCP; 14 Jan 2007 17:57:37 -0000
Return-Path: <greenestrecommendation's@accord-invest.ru>
Received: from 213.33.153.86 (HELO ms.accord-invest.ru)
by mlm.mydomain with esmtp (DQ@>E**J: ,ES>;:)
id Z30169-,2*W1-->8
for mydomain-help@mlm.mydomain; Sun, 14 Jan 2007 18:00:11 -0120
From: "Orville Roberts" <greenestrecommendation's@accord-invest.ru>
To: <mydomain-help@mlm.mydomain>
Subject: The style sheet font
Date: Sun, 14 Jan 2007 18:00:11 -0120
Message-ID: <01c73805$d5d386b0$6c822ecf@greenestrecommendation's>
MIME-Version: 1.0
Content-Type: text/plain;
charset="iso-8859-2"
Content-Transfer-Encoding: 7bit
X-Priority: 3 (Normal)
X-MSMail-Priority: Normal
X-Mailer: Microsoft Office Outlook, Build 11.0.5510
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2670
Thread-Index: Aca6Q(CG5OU)2S>0H:+173A(.N/SQ0==
sheila
01-17-2007, 12:15 AM
Fred, the reason you are getting these bounces is because you have custom-modified your mailing list.
If you go to the directory for your mailing list and look at the file "bouncer" in that directory, the first two lines of that file are essentially:
&webmaster@yourdomain.com
&othermail@otherdomain.com
What happens because of these two lines that you have entered into that file, is that any messages that are handled by the bounce aspect of the ezmlm list manager are also forwarded to the two addresses above.
This is by no means the usual behavior for ezmlm and if you remove those lines from the bouncer file you will not receive those bounces any more.
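An added example, not part of the thread and not code from ezmlm-idx or FutureQuest: a shell check of one list directory for the two settings discussed above, the "copylines" limit from the announcement and "&address" forwarding lines in "bouncer". The function names and the sample directory are constructed; a missing "copylines" file is reported as 0, standing for the header-only default.

```shell
#!/bin/sh
# Audit one ezmlm-idx list directory. The file names "copylines" and
# "bouncer" come from the thread; everything else here is constructed.

# Print the number of message lines copied into responses.
# No copylines file means the default: header only, reported as 0.
copy_limit() {
    dir=$1
    if [ -f "$dir/copylines" ]; then
        # Use the first line only and drop anything that is not a digit.
        n=$(head -n 1 "$dir/copylines" | tr -cd '0-9')
        echo "${n:-0}"
    else
        echo 0
    fi
}

# Print each address named on an "&address" line of the bouncer file.
# Such lines forward a copy of every handled bounce to that address.
bounce_forwards() {
    dir=$1
    [ -f "$dir/bouncer" ] || return 0
    grep '^&' "$dir/bouncer" | sed 's/^&//'
}

# Summarise both settings for one list directory.
audit_list() {
    dir=$1
    echo "copylines: $(copy_limit "$dir")"
    fwd=$(bounce_forwards "$dir")
    if [ -n "$fwd" ]; then
        echo "bounces forwarded to:"
        echo "$fwd" | sed 's/^/  /'
    else
        echo "bounces forwarded to: nobody"
    fi
}

# Constructed sample directory so the script runs anywhere; the two
# addresses are the ones quoted in the post, the "|" line is a placeholder.
demo=$(mktemp -d)
echo 10 > "$demo/copylines"
printf '%s\n' '&webmaster@yourdomain.com' '&othermail@otherdomain.com' \
    '|/path/to/placeholder-program' > "$demo/bouncer"
audit_list "$demo"
```

On a real host, call audit_list with the list directory, the same directory that would hold the copylines file from the announcement.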
ffurtado
01-17-2007, 06:27 PM
Yes, that's it! I had completely forgotten about the changes I made to the bouncer file a long time ago. Before all this spammer stuff, we actually wanted a failure notice if a message we sent to our membership bounced.
Thank you, Sheila.
sheila
01-19-2007, 12:07 AM
:yeah: