From owner-freebsd-security@FreeBSD.ORG Fri Apr 22 10:20:12 2011 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id A4AE3106564A; Fri, 22 Apr 2011 10:20:12 +0000 (UTC) (envelope-from jhellenthal@gmail.com) Received: from mail-iy0-f182.google.com (mail-iy0-f182.google.com [209.85.210.182]) by mx1.freebsd.org (Postfix) with ESMTP id 491CE8FC12; Fri, 22 Apr 2011 10:20:12 +0000 (UTC) Received: by iyj12 with SMTP id 12so555137iyj.13 for ; Fri, 22 Apr 2011 03:20:11 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:sender:date:from:to:cc:subject:message-id :references:mime-version:content-type:content-disposition :in-reply-to:x-openpgp-key-id:x-openpgp-key-fingerprint :x-openpgp-key-url; bh=uqiTb1kV0Q2Y+AtKTOqraSvHHk4dZewa3HUqfrvZk8k=; b=IfVLn7nAFnuRjFEwnUVBr2mQ3aDE8lZpoGBxDLW1RED+ENEUH+tFLoi6JydsoFZc6v IziCxFY1Dix/4OYVaJOKTXv3lOsNOTIzEmGoUgTq6zE6nKgCjNkJ5H1IWzMmzr7KLdHa xUHj73WTaUyLxePvwIUARAM0+S0YLXPLzmthM= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=sender:date:from:to:cc:subject:message-id:references:mime-version :content-type:content-disposition:in-reply-to:x-openpgp-key-id :x-openpgp-key-fingerprint:x-openpgp-key-url; b=bllABdI+6lJlb6IWxODxQwi2xch03rnNymiAYlRNF8BI420iD5/l68P5ggXbN+XD6R +wmFdGa3ExGHi1mrV+vp4I2wPDqeyBpd5/eg3YEV5sMtnCgF4k2jfns0XOGiGIKtk2ZZ DmHb9lOZNPIQtbvDOOV6ZxmEKv5xX+9ZjUnXc= Received: by 10.42.218.4 with SMTP id ho4mr1173715icb.344.1303467611628; Fri, 22 Apr 2011 03:20:11 -0700 (PDT) Received: from DataIX.net (adsl-99-190-84-116.dsl.klmzmi.sbcglobal.net [99.190.84.116]) by mx.google.com with ESMTPS id i20sm1083774iby.48.2011.04.22.03.20.08 (version=TLSv1/SSLv3 cipher=OTHER); Fri, 22 Apr 2011 03:20:09 -0700 (PDT) Sender: "J. Hellenthal" Received: from DataIX.net (localhost [127.0.0.1]) by DataIX.net (8.14.4/8.14.4) with ESMTP id p3MAK6aN014181 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Fri, 22 Apr 2011 06:20:06 -0400 (EDT) (envelope-from jhell@DataIX.net) Received: (from jhell@localhost) by DataIX.net (8.14.4/8.14.4/Submit) id p3MAK5ks014180; Fri, 22 Apr 2011 06:20:05 -0400 (EDT) (envelope-from jhell@DataIX.net) Date: Fri, 22 Apr 2011 06:20:05 -0400 From: "J. Hellenthal" To: Gary Palmer Message-ID: <20110422102005.GA12433@DataIX.net> References: <20110420212354.GB73035@in-addr.com> <20110421042639.GB91477@DataIX.net> <1303360894.3063.1.camel@blaze.homeip.net> <20110421123447.GD4543@straylight.ringlet.net> <20110421170424.GC73035@in-addr.com> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="dDRMvlgZJXvWKvBx" Content-Disposition: inline In-Reply-To: <20110421170424.GC73035@in-addr.com> X-OpenPGP-Key-Id: 0x89D8547E X-OpenPGP-Key-Fingerprint: 85EF E26B 07BB 3777 76BE B12A 9057 8789 89D8 547E X-OpenPGP-Key-URL: http://bit.ly/0x89D8547E Cc: freebsd-security , Robert Simmons Subject: Re: bad email address X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 22 Apr 2011 10:20:12 -0000 --dDRMvlgZJXvWKvBx Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Thu, Apr 21, 2011 at 01:04:24PM -0400, Gary Palmer wrote: >On Thu, Apr 21, 2011 at 03:34:47PM +0300, Peter Pentchev wrote: >> On Thu, Apr 21, 2011 at 12:41:34AM -0400, Paul Blazejowski wrote: >> > doesn't mailman unsubscribe an email automatically after a couple of >> > bounces? unless freebsd list is not configured to do so... >>=20 >> That's only if the bounce message reaches mailman. In this case, >> the culprit is a mail bouncing agent (MBA? ;) which addresses >> the bounce to the original sender (the one from the From header) >> instead of *any* of the other possible addresses present in >> mailman-generated messages that would do the right thing. > >RFCs say bounces have to go to the envelope sender. MailMan correctly >changes the envelope sender of mail to freebsd-security to >owner-freebsd-security@freebsd.org so that it can see the NDRs (non-delive= ry >reports). However some broken software boucnes to the From address in >the header. Since the From address in the header is *not* MailMan it cann= ot >auto-unsubscribe the bouncing user. > >If the bouncing users MTA/MUA doesn't follow specifications there isn't >a lot MailMan can do > Yes and then repeated report after report mailman blah blah postmaster more blah blah user repeatedly offending blah blah moderator removes offending domain until the its fixed blah blah... Sometime in the near future... ;) --=20 Regards, J. Hellenthal WWJD --dDRMvlgZJXvWKvBx Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.17 (FreeBSD) Comment: http://bit.ly/0x89D8547E iQEcBAEBAgAGBQJNsVZUAAoJEJBXh4mJ2FR+NEEH/3XgWQyVg8ErqeZ0jwVhWlEv HabXw/hQ4NtUlLhQrD4Gk5OtDMyee75l3VKHwsQVb2a+Y/6LI1dP7xpjysuhXjWU sLDmrYRJYbVyRnrVjmRWtJsrRlSJ6g46ZRpWaVE8sWEJ80LFj9MggRNQdaBVAi7V jGO1aNNXZmV4VSGQYy4y/o8UVtlYeUTqiotn5Ebzfls/WBgUQjSo1B9ry8sG7HlW 9zZf/nmyHTnZrRggr/lAgRBLi+2dwYTH4s0l4S5Gxx6OKTvqvBCMADbkqcymszHG 8uHX1reSdGaIZYI4+8MoeLCVyoaOOD0QTg6vepn4bEcneFi7OP50WzaY+h0dLHc= =cHXP -----END PGP SIGNATURE----- --dDRMvlgZJXvWKvBx--