Subject: The mailing list for listmasters using Sympa
List archive
[sympa-users] Re: Strange list created without proper authentication
- From: Thomas Berry <address@concealed>
- To: qt4x11 <address@concealed>
- Cc: address@concealed
- Subject: [sympa-users] Re: Strange list created without proper authentication
- Date: Wed, 13 Jun 2007 09:56:02 -0700
qt4x11 wrote:
We are using Sympa 5.2.3. It seems like a new list was created on our system without proper authentication. This list has been sending out spam to users in our domain.
We enable wwsympa.fcgi to run under the sympa user uid/gid by setting User sympa and Group sympa in our /etc/httpd/conf/httpd.conf file.
The new list does not appear in /etc/mail/sympa_aliases. We received a new list creation request for the new list, the list creation request was ignored. It seems the list was created without listmaster approval. Our sympa.conf looks like
## Who is able to create lists
## This parameter is a scenario, check sympa documentation about scenarios if you want to define one
create_list public_listmaster
This setting allows anyone (public) to create a list without authentication.
-does this not mean that a person needs to be authenticated before the list is created? The user who created the list is unknown to us.
You'll need to build a create_list scenari(o) file that requires authentication. There are two available files included with Sympa: create_list.listmaster and create_list.public_listmaster. I'd look at one of the other auth scenari(o) files to determine how to create your own create_list.auth_listmaster file.
We created our own "intranet" restricted file:
title.gettext anyone from local domain
is_listmaster([sender]) md5,smime -> do_it
match([sender],/([conf->host])|(.*.local_domain)|(local_domain)$/) smime,md5 -> listmaster,notify
true() smtp,md5,smime -> reject(reason='create_list_local_user')
# end
There are a few more lists that were created without proper authentication in our /home/sympa/expl folder. We have not had any further reports of spam being sent from these lists. It appears that these unauthorized lists on our system have spam-sending scripts in their /home/sympa/expl/<listname>/expl/shared folders.
I have a two part question - what is the proper way to close and delete these unauthorized lists? What do I need to change in my configuration to avoid getting them again?
We do this as listmaster using the Sympa web interface, Under Admin in in the list "info", Select "Remove List". Then, purge the list(s) using the "Closed lists" button under the "Sympa admin" tab in the Sympa web interface.
Thanks.
-
[sympa-users] Strange list created without proper authentication,
qt4x11, 06/13/2007
- [sympa-users] Re: Strange list created without proper authentication, Sylvain Amrani, 06/13/2007
-
[sympa-users] Re: Strange list created without proper authentication,
Thomas Berry, 06/13/2007
- [sympa-users] Re: Strange list created without proper authentication, qt4x11, 06/13/2007
-
[sympa-users] Re: Strange list created without proper authentication,
Serge Aumont, 06/13/2007
- [sympa-users] Re: Strange list created without proper authentication, qt4x11, 06/13/2007
Archive powered by MHonArc 2.6.19+.