The mailing list for listmasters using Sympa

[Sylvain Amrani <address@concealed>]

qt4x11 a écrit :
> We are using Sympa 5.2.3.  It seems like a new list was created on our
> system without proper authentication.  This list has been sending out
> spam to users in our domain.
>
> We enable wwsympa.fcgi to run under the sympa user uid/gid by setting
> User sympa and Group sympa in our /etc/httpd/conf/httpd.conf file.
>
> The new list does not appear in /etc/mail/sympa_aliases.  We received
> a new list creation request for the new list, the list creation
> request was ignored.  It seems the list was created without listmaster
> approval.  Our sympa.conf looks like
>
> ## Who is able to create lists
> ## This parameter is a scenario, check sympa documentation about
> scenarios if you want to define one
> create_list     public_listmaster
>
> -does this not mean that a person needs to be authenticated before the
> list is created?  The user who created the list is unknown to us.
>
> There are a few more lists that were created without proper
> authentication in our /home/sympa/expl folder.  We have not had any
> further reports of spam being sent from these lists.  It appears that
> these unauthorized lists on our system have spam-sending scripts in
> their /home/sympa/expl/<listname>/expl/shared folders.
>
> I have a two part question - what is the proper way to close and
> delete these unauthorized lists?  What do I need to change in my
> configuration to avoid getting them again?
>
> Thanks.
you can use the web interface to close the lists (there's a "close list"
option in the menu), and then go to the "admin sympa" main tab and
delete the closed lists.

Or you can use .../sympa.pl --close_list=listname and
--purge_list=listname , and then delete the /home/sympa/expl/listname
directory in your filesystem

The create_list parameter is OK. But change it to "listmaster" to take
time to know what happens
You can also create a new /etc/sympa/scenari/create_list.closed containing :
title.gettext closed

true() smtp,md5,smime -> reject

and set your create_list parameter to 'closed'

Please consider to backup your system before deleting the lists, so you
get a chance to know what happened.

Sylvain.