Opened 2 months ago

Last modified 5 weeks ago

#13784 assigned Bug/Something is broken

Attacks on mailman instance

Reported by: https://id.mayfirst.org/jaimev
Owned by: https://id.mayfirst.org/jaimev
Priority: High
Component: Tech
Keywords: mailman
Cc: https://id.mayfirst.org/nnaf
Sensitive: no

Description

It looks like lists.nnaf.org has been receiving the kind of automated attacks on mailman we've been seeing on our other mailman instances. The mailq on roe is full of backscatter mail that couldn't be delivered and your list admins may be getting a ton of false subscription requests. The attacks are a combination of web-based false subscriptions and direct e-mail commands to mailman. We've put a lot of work into mitigating both of these on our standard mailman servers. See ticket #11675.

I'd like to propose that we migrate your existing lists to our main mailman server so that you can take direct advantage of our ongoing efforts to mitigate these attacks. You will still be able to use your domain lists.nnaf.org for sending and receiving mail. Only accessing the web interface would redirect you to lists.mayfirst.org to manage your lists.

In the meantime, we could also put lists.nnaf.org behind our web-based proxy to limit the web-based attacks and add the postfwd rules we've implemented on our main mailman server to roe; however, it would be easier to keep those efforts synchronized if we migrate your lists to the main server.

Please let us know if you are ok with either of the above steps.

Change History (4)

comment:1 Changed 8 weeks ago by https://id.mayfirst.org/jaimev

Hi, we haven't received any feedback about this.

comment:2 Changed 7 weeks ago by https://id.mayfirst.org/nnaf

Sorry for the delay. I am fine with moving to the MF mailman server. Just so I can let my staff know, will there be any differences in the interface or managing subscriptions, aside from being redirected to lists.mayfirst.org?

comment:3 Changed 5 weeks ago by https://id.mayfirst.org/nnaf

We just got a notification that 27 email addresses were unsubscribed from our funds listserv. Might that be because of the mailman migration?

comment:4 Changed 5 weeks ago by https://id.mayfirst.org/jaimev

  • Owner set to https://id.mayfirst.org/jaimev
  • Status changed from new to assigned

No. We haven't initiated that transfer. Have the e-mails been successfully unsubscribed or were they sent confirmation requests? This may be a result of the attacks I described above. Sorry, I had not seen your update to this ticket giving us the go-ahead to transfer the list.
