Opened 8 days ago

#13784 new Bug/Something is broken

Attacks on mailman instance

Reported by: https://id.mayfirst.org/jaimev Owned by:
Priority: High Component: Tech
Keywords: mailman Cc: https://id.mayfirst.org/nnaf
Sensitive: no

Description

It looks like lists.nnaf.org has been receiving the kind of automated attacks on mailman we've been seeing on our other mailman instances. The mailq on roe is full of backscatter mail that couldn't be delivered and your list admins may be getting a ton of false subscription requests. The attacks are a combination of web based false subscriptions and direct e-mail commands to mailman. We've put a lot of work into mitigating both of these on our standard mailman servers. See ticket #11675

I'd like to propose that we migrate your existing lists to our main mailman server so that you can take direct advantage of our ongoing efforts to mitigate these attacks. You will still be able to use your domain lists.nnaf.org for sending and receiving mail. Only accessing the web interface would redirect you to lists.mayfirst.org to manage your lists

In the meantime we could also put lists.nnaf.org behind our web based proxy to limit the web based attacks and add the postfwd rules we've implemented on our main mailman server to roe however it would be easier to keep those efforts synchronized if we migrate your lists to the main server.

Please let us know if you are ok with either of the above steps.

Change History (0)

Please login to add comments to this ticket.

Note: See TracTickets for help on using tickets.