We have had a lot of calls and emails from people concerned about a recent malicious email (fake DHL parcel notification – see https://blog.bham.ac.uk/itsecurity/2017/04/04/malware-in-fake-dhl-parcel-notification/).

The messages were sent mainly to Majordomo mailing lists, so many people received multiple copies. It has become apparent that many list owners are not taking advantage of security features of lists that can be used to reduce spam and malicious email.

There are two types of control that can be used which are outlined below.

Majordomo controls

The configuration file contains the following options which can be set and will help to reduce the amount of unwanted email distributed to a list. All of these configuration options can be changed using the Majorcool interface (http://majorcool.bham.ac.uk/). All are documented within the Majorcool configuration options interface.

The most relevant options are as follows

moderate

This makes the list moderated so that the list owner (or an approved moderator) has to approve messages before they are distributed to the list. Nobody can post to the list without the message being approved.

restrict post

This allows posting to the list to be restricted to members of the list, or another set of people in another mailing list. All other list traffic is then sent to the owner (or moderator) for approval.

taboo headers

This allows filtering of messages – for example those tagged as potential spam to be filtered out. The following knowledge base article has more details.

https://universityofbirmingham.service-now.com/kb_view.do?sysparm_article=KB12472

taboo body

This operates in a similar way to taboo headers, but operates on the body of the message

Mailhub Security Controls

Many lists never need to receive email from outside the University. Any list can be set so that email from outside the University will automatically be rejected. If you are a list owner and you would like this to apply to any of your lists, please request this via the IT Service Desk – http://itservicedesk.bham.ac.uk.

Author: Chris Bayliss

IT Security Manager. View all posts by Chris Bayliss

3 thoughts on “Majordomo Mailing Lists and Malicious Email – Advice for List Owners”

Slight error in the guide above – to access the majorcool interface, use https://www.majorcool.bham.ac.uk rather than simply majorcool.bham.ac.uk

Chris Bayliss says:

April 7, 2017 at 4:48 pm

Thanks. The link should now work.

Reply
Laurence says:

August 16, 2017 at 9:33 am

Simply “majorcool.bham.ac.uk” works for me?

Reply