mailman-check: also make sure we avoid backscatter spam

[ansible.git] / roles / email / files / mailman-check

diff --git a/roles/email/files/mailman-check b/roles/email/files/mailman-check
index 595b28ce37c36ddad1334fe567367b5dc8b791cf..5894a1e6805814f6b2ea27ec1943cadf152a67b7 100755 (executable)
--- a/roles/email/files/mailman-check
+++ b/roles/email/files/mailman-check
@@ -4,17 +4,15 @@ set -e
 ##   ./mailman-check
 ## Checks all the mailman lists for bad configuration, and prints further details if it finds one.
 
-if ! test -d /var/lib/mailman; then
-    # nothing to do
-    exit 0
-fi
-
-cd /var/lib/mailman/lists
-for list in *; do
-    /usr/sbin/config_list  -i /dev/stdin "$list" <<EOF
+for list in $(list_lists -b); do
+    /usr/sbin/config_list -c -i /dev/stdin "$list" <<EOF
 if not ((mlist.dmarc_moderation_action in (1, 2) and mlist.dmarc_quarantine_moderation_action == 1) or mlist.from_is_list in (1, 2)):
     print "List",mlist.real_name,"by",(', '.join(mlist.owner)),"is not configured to deal with DMARC."
 if mlist.reply_goes_to_list != 0 and not mlist.first_strip_reply_to:
     print "List",mlist.real_name,"by",(', '.join(mlist.owner)),"provides an inconsistent Reply-To treatment."
+if mlist.generic_nonmember_action == 2:
+    print "List",mlist.real_name,"by",(', '.join(mlist.owner)),"is prone to backscatter spam due to reject notifications"
+if mlist.generic_nonmember_action == 1 and mlist.respond_to_post_requests:
+    print "List",mlist.real_name,"by",(', '.join(mlist.owner)),"is prone to backscatter spam due to hold notifications"
 EOF
 done