Several mail addresses have been recently the subject of an attack by
forged subscriptions to huge mailing lists (all these mail addresses are
announced on anti-racist and/or anti-fascist Web servers, so the purpose
is probably political).
I suggest the following procmail recipe to avoid any subscription. The
only drawback is that it prevents any subscription, even legitimate, to
mailing lists.
I have two questions about that recipe:
1) Do you think it is the appropriate technical response?
2) If I set EXITCODE to 77, the mail messages from the mailing list will
bounce, leading to unsubscription (which is the aim). But sendmail 8.8.5,
in its error message, expands the alias, which I don't want. In the mean
time, I use an EXITCODE of 0 and swallows silently the message. Does
anyone know how to tell sendmail *never* to reveal the alias?
Aliases file (\ for clarity only):
webmaster: "| /usr/local/bin/procmail \
/usr/local/mail/procmailrcs/nolist -m \
ADDRESS=webmaster(_at_)me(_dot_)org \
REALDESTINATION=author1,author2,author3"
"nolist" script:
# procmail script to deny mail to an address if it doesn't appear in the
# headers. Purpose: to be sure some addresses will not be flooded by
messages
# from mailing lists. Reason: subscribing an address to many mailing lists
# has been used by crackers to harass people. Side effect: no subscription
# to any mailing list will be possible.
# How does it work? It looks in the headers to see if the address appears.
# If not, it is for a mailing list. We bounce, hoping to be unsubscribed
# soon.
# Modus operandi:
# procmail ThisFile -m ADDRESS=YourAddress REALDESTINATION=Recipients
# Author: Stephane Bortzmeyer <bortzmeyer(_at_)globenet(_dot_)org>
VERBOSE=no
# Warning: the regular expression below *needs* procmail 3.11 or more.
# You can change it to '* $ ^TO$ADDRESS' but it will not be as sharp.
:0
* $ ^TO_$ADDRESS\>
! $REALDESTINATION
:0
{
# See sendmail source, src/sysexits.h, for a list of exit codes.
# Warning: sendmail will reply with a message containing the
expansion
# of the alias :-( Set EXITCODE to 0 to avoid this (but in that
case,
# messages will continue to arrive).
#EXITCODE=77
EXITCODE=0
:0
/dev/null
}