[rt-users] Protecting RT (Was: Recovering from spam, clean up DB?)
rt-id-45 at lists.lorens.org
Mon Jul 29 12:06:02 EDT 2002
On Mon, Jul 29, 2002 at 06:35:29PM +0300, Odhiambo Washington wrote:
> [...] rt got the mail, responded to the clown's address, mail was picked
> by the clown's bot, responded to rt, rt got it, responded again - the
> cycle was so vicious I has to shutdown that queue.
> I'm wondering if there is a way to protect rt against such a situation.
RT here goes through procmail first. Suspicious mail goes to
an passive mailbox, otherwise direct to RT. When a problem is
noticed, an ppropriate expression is inserted in procmailrc to
make such mails suspicious. Not very multi-user, but sufficient
in my case.
The passive mailbox is read once in a while (could have some
kind of "biff" program) by admin using mutt. A macro in mutt
sends it straight through to RT if admin so decides.
Another solution would be to have suspicious mail sent to a
queue in RT that does not have the autoresponder set, but
that has disadvantages like 1) suspicious e-mails that are
admin-authorized wouldn't get auto-ack 2) mailbombing still
enters RT (been mailbombed several times, don't like it).
Procmail also lets me change the From header on the fly, which
means that I can deal with some automatic tools that send
trouble tickets but should not get any replies, auto-ack,
If I had the time/inclination, there are procmail scripts that
can eliminate duplicates, and you can probably do some kind of
#include <std_disclaim.h> Lorens Kockum
More information about the rt-users