[UbuntuWomen] Non-members posting! [was] Re: Fwd: [Blueprint community-1311-ubuntu-women] Ubuntu Women Trusty Goals

Alex Muntada alexm at alexm.org
Tue Apr 15 11:00:00 UTC 2014


svakSha:

> > Maybe we can find some header that matches all LP mail that could
> > be used to filter messages from LP non-members into the list, e.g.
> > i think this one could help:
> >
> >   X-Generated-By: Launchpad (canonical.com); ...
> >
> > Or we can just make a regexp out of this:
> >
> >   Received: from wampee.canonical.com ...
> 
> I like this option a lot better than wading through spam, so I setup a
> regex:^.+ at wampee\.canonical\.com$

One rule should be to accept these:

  x-generated-by: launchpad \(canonical.com\)
  received: from .*\.canonical\.com \(

And another rule could be to discard these (e.g. spamassassin):

  x-spam-flag: yes

More rules can be added to discard more spam, but i'd need more
details about what kind of spam is reaching the list and the
headers on those messages.

Besides, the moderators can add more discard filters manually
each time they have to deal with a message in the queue and
administrators can add whole domain regexes to discard mail
from spammer domains.

> Since header spoofing is very easy, I've asked if there is a risk of
> email addresses being forged - For example, can spam traffic spoof an
> @canonical.com (and other permutations) address which can still get
> through to the list.

That could happen when spammers spoof the mail address of any of
the current members of the list too. There's no way to protect
the list against that, so let's deal with corner cases when they
appear.

Cheers,
Alex




More information about the Ubuntu-Women mailing list