[BALUG-Admin] handling the spam to balug-speaker-coordinators

Michael Paoli Michael.Paoli@cal.berkeley.edu
Mon Apr 23 21:53:19 PDT 2018


[Bcc: balug-speaker-coordinators@balug.org]

Well, taking this on-list because, ... well, why not, ...

> From: "Grant Bowman" <grantbow@partimus.org>
> Subject: handling the spam to balug-speaker-coordinators
> Date: Mon, 23 Apr 2018 13:54:32 -0700

> What's the best way to handle the spam to balug-speaker-coordinators?

Well, let's see,

o one could volunteer, get an account on the relevant host, and at least
   make suggestions regarding configuration changes to reduce spam, ... but
   note too, that for most @balug.org addresses (notably aliases), one would
   want a quite low rate of false positives.  But regardless I'm sure the
   anti-spam filtering could be well improved even with that constraint.

Oooh, you already have an account - that makes much of that that much
easier:
$ hostname; fgrep -i bowman /etc/passwd
balug-sf-lug-v2.balug.org
grantbow:x:14589:14589:Grant Bowman,,,:/home/grantbow:/bin/sh
$

o one could ask/recruit volunteers to assist ... but may be faster and more
   efficient (and frankly more likely to get done and/or sooner) if one is
   able to do more/much of it oneself.  E.g. much more likely something gets
   done if one is able to do it oneself, or short of that, hand one with the
   access a well tested configuration to fix the issue along with evidence
   it's been well tested and addresses the issue - much more likely something
   like that gets done, than something more like
   "I have an issue, figure it out and fix it for me."  ;-)
   And yes, there may well even be folks that would be interested in learning
   some of the relevant bits - so you might, e.g. ask on list - maybe could
   even be bit of team/cooperative effort.

o If I'm not mistaken, most all of the MTA and anti-spam configuration on the
   host is world-readable - most notable exception being private key for
   TLS/SSL cert for STARTTLS MTA processing.  If there's something one needs
   to read there but doesn't have access, let me know, and likely that can
   be addressed as relevant/appropriate.

Wow, lookie, even have a fair bit of sudo access already (probably more
than needed for looking at MTA/anti-spam configuration bits, but
regardless):
$ sudo sudo -l -U grantbow | sed -ne '/may run/,$p'
User grantbow may run the following commands on balug-sf-lug-v2:
     (root) /bin/su - balugwm2
     (root) /bin/su - sflug
     (root) /bin/su - sflugwww
     (sflug) ALL
     (root) sudoedit /etc/bind/master/sf-lug.org
     (root) sudoedit /etc/bind/master/sf-lug.com
     (root) /bin/systemctl reload bind9
$

Also, I've made mention on some list(s) ... don't recall which one(s)
off-the-top-of-my-head (perhaps this one) ... a few items of note.  May
possibly consider changing MTA on the host - but it would need to well work
with mailman (which covers the @lists.balug.org addresses).  Most of the
anti-spam uses Eximconfig - but though that was a good base start for
anti-spam, it's apparently no longer maintained, so also quite possible
the "best" anti-spam solution(s) for the needs (including fit for the
OS and mailman, and also resources the VM does/doesn't have), may possibly
involve a change in MTA.  But given all the interdependencies (mailman,
live production, lists, aliases, etc.), change of MTA would need be well
tested somehow ... and any anti-spam configuration changes should also be
sufficiently well tested - at least to the extent feasible.

Also, a bunch of the current anti-spam is relatively Python based ... but
that may mostly have to do with the current MTA and Eximconfig more than
anything else.

Anyway, certainly feel free to have a look around, etc.
If you want me to implement some specific (reasonably well tested/vetted)
configuration changes, just let me know the specifics (also probably not bad
idea to put it on this list ... more eyeballs may better spot things we
could do better, and public searchable is more opportunities for others to
find and learn from same).

Also, one can expect that the @balug.org email addresses ... notably
especially publicly listed (and mandatory, etc.), such as
balug-speaker-coordinators, postmaster, balug-webmaster, balug-contact,
etc. do get spam, and given the need for low false-positive rate on filtering,
there's likely to always be some moderate flow of spam that makes it through.
I'm sure I've made at least some mention of this before.
List admins such as myself likewise deal with a lot of that for the
@lists.balug.org ... but there it's mostly caught and held for processing
as a non-list member post attempt, reviewed by listadmin(s), and discarded
(or simply left to expire based on the generally obvious spam nature
and the ease of doing nothing to have it disposed of).



