Re: [cobalt-users] Spam and AV protection

[Parker Morse <morse@xxxxxxxxxxx>]

> From: baltimoremd@xxxxxxxxxxxxxxx
> On Tue, 11 Dec 2001, Parker Morse wrote:
>> There are some other basic configuration steps to take, like making sure any
>> majordomo lists are as buttoned-up as they can be and setting the max size
>> on list email as low as possible,
> 
> Being exceptionally thick of mind, and knowing that the majordomo on a RaQ
> is "special", can you give me more specific hints on not only the max
> size, but also anyway to deny all attachments to the list?

I can't speak for the RaQ, being a Qube user, but here's what I did.

I don't know of any way to deny attachments to the list specifically, except
denying them at sendmail. What I've done is use the list-configuration GUI
to suck the max message size down to 50k on lists where that's possible. (In
the Qube GUI, it's under the "advanced" tab under "mailing lists" section.)
That bounces most viruses (and the majority of other attachments) as
"message too large". I know very few people who can write a 50k email
without an attachment.

The obvious stuff: in the GUI, under "Posting Policy", set each list for
"Only subscribers can post messages" unless the list needs to take mail from
non-subscribers. This bounces spam from people who've found your list of
lists.

Keeping people from finding your "list of lists"; I think this was discussed
back in the fall when I first joined the list. The problem is that anyone
can write to "majordomo@xxxxxxxxxxxxxx" with the command "lists" and get
back a list of lists served on your domain. Bingo, instant spam targets.
Apparently there is a way to close this down - my notes say something about
a "no advertise" flag, but a quick test shows I haven't closed that hole
myself, so clearly I don't know the right way to do it. I do think it needs
to be done to each list.conf file individually - on our Qube those files are
in /usr/local/majordomo/lists, there's a .conf for each list.

pjm