Oh, interesting. You appear to be correct. I'm running each of the mailing lists' services in their own containers so the private IP makes sense.

I just commented on a FR for Hyperkitty to disable posting via Web UI: https://gitlab.com/mailman/hyperkitty/-/issues/264

Aside from that, I can confirm my new SPF filter has already blocked one spam e-mail from getting through so that's good. Thanks for the tip.

On 8/6/20 2:34 PM, Tony Lill wrote:
> I looked at the received-from headers, and it looks to me like these
> messages are being fed into the list from the web interface. The first
> received from is from mailman web and a private IP.
>
> On 8/6/20 2:09 PM, David Galloway wrote:
>> Hi all,
>>
>> As previously mentioned, blocking the gmail domain isn't a feasible
>> solution since the vast majority of @gmail.com subscribers (about 500 in
>> total) are likely legitimate Ceph users.
>>
>> A mailing list member recommended some additional SPF checking a couple
>> weeks ago which I just implemented today. I think what's actually
>> happening is a bot will subscribe using a gmail address and then
>> "click" the confirmation link. They then spam from a different domain
>> pretending to be coming from gmail.com but it's not. The new config I
>> put in place should block that.
>>
>> Hopefully this should cut down on the spam. I took over the Ceph
>> mailing lists last year and it's been a never-ending cat and mouse game
>> of spam filters/services, configuration changes, etc. I'm still
>> learning how to be a mail admin so your patience and understanding are
>> appreciated.
>>
>
> _______________________________________________
> ceph-users mailing list -- ceph-users@xxxxxxx
> To unsubscribe send an email to ceph-users-leave@xxxxxxx