Drop Shadow

List Spam Protection

Is your list spamming your list?

One trick that spammers will use is to try and impersonate local users. Anybody on the net can set their From address to any address they wish, so spammers will try to create lists.sandiego.edu addresses in the hopes that our mail system will accept those addresses.

We’ve set up the mailing list server itself to check for invalid local addresses. So if anyone tries to send to an address @ lists.sandiego.edu that doesn’t exist, that mail will be rejected.

This doesn’t work for the mailing list address itself, since that’s a valid local address. This means that you might get spam with a From address of your mailing list’s address.

  1. Never add your mailing list’s address to the list of addresses that are automatically accepted. Even if you don’t check the box to make your mailing list address public, it’s still going to get out. That’s the nature of mailing lists.
  2. If you don’t ever send messages to your list as if they came from your list, you can tell Mailman to discard all messages with that address as the “From” address. When checking your pending messages, you can choose to “Add ADDRESS @ lists.sandiego.edu to one of these sender filters” and select the “Discards” choice.

USD’s automatic spam filters

The spam protection system we use at USD only applies partially to your mailing lists. Because the current system does not create quarantine accounts for list addresses, it will not quarantine spam messages. Messages that would be quarantined going to a standard MySanDiego address will instead be let through when going to a mailing list address.

Messages sent to mailing lists are subject to greylisting, however. Normally this should be completely invisible to you and to your subscribers.

Greylisting works by remembering what servers have contacted us in the past. The first time a sending server tries to send mail to any USD address, the system bounces that message with a 4xx error message (as I write this, the error we give is 451).

When a sending mail server receives a 4xx error, it is required by the Internet mail standard to try again later. The sending individual should never see that bounce. When the sending mail server tries again with that message, it will be added to our list of “good” servers.

If, however, one of your members reports a bounce, and in the copied text of the bounce it reports a 4xx error from our mail server, that’s indicative of a problem either with their server setup or with ours. Please forward such error messages to us.

So far, we’ve only seen this happen once, though it may have happened other times and not been reported to us.