[Owasp-board] Mailman Update

Tom Brennan tomb at owasp.org
Wed Jun 6 13:26:23 UTC 2012


MAILMAN UPDATE

When a mail is sent to   xxxx.lists.owasp.org the first stop is:

lists.owasp.org mail exchanger = 10 d15006a.ess.barracudanetworks.com
64.235.150.197<http://www.mxtoolbox.com/SuperTool.aspx?action=mx%3alists.owasp.org#>
lists.owasp.org mail exchanger = 20 d15006b.ess.barracudanetworks.com
64.235.150.197<http://www.mxtoolbox.com/SuperTool.aspx?action=mx%3alists.owasp.org#>

** Yes both MX records point to the same IP

Then the mail is scrubbed and if passes the smell test forward to what IP
address at Rackspace (see config in the barracuda mail appliance)  There is
a A record in DNS pointing to lists.owasp.org @ 50.56.58.227 this is at
Rackspace http://whois.domaintools.com/50.56.58.227

We are running version:  2.1.13, current version is: The current stable GNU
Mailman version is 2.1.15rc1, released on 15-May-2012.

Since I do not have console access to either the Barracuda appliance the
host can you provide a reply with the config file (Mailman/mm_cfg.py
configuration file) and also screen shots of the Barracuda config., this
can then be reviewed and map it to best practices mapped to what Barry has
wrote: http://www.gnu.org/software/mailman/mailman-install.pdf  *Another
thread - shot a note to Barry Warsaw for a recommendation for a 3rd party
admin moving forward.

In addition we should then publish a recommended config for each list that
is managed by a project leader or a chapter to ensure that a best practice
is implemented. If this can be "forced" better.

Separate from lists.owasp.org, our googleapps config has a inbound gateway
set as 216.48.3.18,216.48.3.19 (see screenshot) <-- these IP addresses are
UNKNOWN to me and during this review we should consider removing them from
the mail config.  Perhaps *Larry* remembers what he put these in place for
(also see attached)  / http://whois.domaintools.com/216.48.3.18 otherwise
these will be removed on Friday 8-June

Thank in advance Matt, Larry -- this migration has been a bumpy one and
still is not completed but June is the month so I don't have to goto
Blackhat/Defcon and be poked on how OWASP can't run a simple mailman <grin>

=======

Since we also have "managed hosting" by Rackspace I would be happy to work
the ticket with them as well but based on what we are paying for, i believe
this is out of scope?

*
*
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-board/attachments/20120606/052fc775/attachment-0003.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: Screen Shot 2012-06-06 at 9.10.41 AM.png
Type: image/png
Size: 22380 bytes
Desc: not available
URL: <http://lists.owasp.org/pipermail/owasp-board/attachments/20120606/052fc775/attachment-0003.png>


More information about the Owasp-board mailing list