[Bug 1721746] Re: [If member-email known] Malformed "From:" header accepted -> anyone can post to list.
Mark Sapiro
mark at msapiro.net
Fri Oct 6 12:48:03 EDT 2017
This is not a security issue in Mailman. Yes it is possible to spoof a
list member's address in various headers to cause a post to be accepted
by a list, but there's nothing Mailman or any list management software
can do about that short of moderating all members.
Also, see <https://mail.python.org/pipermail/mailman-
users/2017-October/082558.html>, <https://wiki.list.org/x/4030556> and
the "How to post to the announcement list:" section at
<https://wiki.list.org/x/4030685>.
** Changed in: mailman
Status: New => Invalid
--
You received this bug notification because you are a member of Mailman
Coders, which is subscribed to GNU Mailman.
https://bugs.launchpad.net/bugs/1721746
Title:
[If member-email known] Malformed "From:" header accepted -> anyone
can post to list.
To manage notifications about this bug go to:
https://bugs.launchpad.net/mailman/+bug/1721746/+subscriptions
More information about the Mailman-coders
mailing list