[Mailman-Developers] Potential risk of VERP?

Barry A. Warsaw barry@zope.com
Tue, 12 Feb 2002 13:24:08 -0500


I just thought of a potential risk to VERPing, and I'd like to get
some feedback from you all about it.

Let's say I run a mailing list foo@python.org and someone like (oh, I
dunno) yahoogroups subscribes to the list and provides subscription
services of its own.  I.e. people can subscribe to foo@yahoogroups.com
and they'll get all the messages posted to foo@python.org.  Yes, we've
seen this happen quite a bit.

Now, suppose someone on foo@yahoogroups.com starts bouncing, and we're
VERPing.  Won't our Mailman think that foo@yahoogroups.com is the
bouncing member?  In a sense they are, but I can see an attack vector:

- subscribe to some downstream reflector for a group,
  e.g. foo@yahoogroups.com

- purposely set your address to bounce

- foo@yahoogroups.com gets disabled, thus shutting off a large list of
  recipients.

Or will/should yahoogroups rewrite the envelope sender for /its/
downstream members?

-Barry
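The two outcomes weighed in the message above (the reflector passes the upstream envelope sender through to its own members, versus rewriting it so their bounces come back to the reflector), modelled as an added example that is not part of the original post or of Mailman's code. The VERP address format is modelled on Mailman's default (`list-bounces+mailbox=host@listhost`); the hosts, member lists and the bouncing address are constructed for the simulation.

```python
import re
from dataclasses import dataclass, field
from typing import Optional

# Modelled on Mailman's default VERP format (an assumption here):
#   <list>-bounces+<mailbox>=<host>@<listhost>
# The recipient is encoded in the envelope sender, so a bounce delivered
# to that address names exactly one recipient without parsing the body.
VERP_RE = re.compile(
    r"^(?P<list>[^+@]+)-bounces\+(?P<mailbox>[^=@]+)=(?P<host>[^@]+)@(?P<listhost>[^@]+)$"
)


def verp_sender(listname: str, listhost: str, recipient: str) -> str:
    """Build the VERP envelope sender for one recipient of a list post."""
    mailbox, host = recipient.rsplit("@", 1)
    return f"{listname}-bounces+{mailbox}={host}@{listhost}"


def verp_recipient(envelope_sender: str) -> Optional[str]:
    """Recover the recipient a bounce refers to; None if not a VERP address."""
    m = VERP_RE.match(envelope_sender)
    return f"{m['mailbox']}@{m['host']}" if m else None


@dataclass
class ListServer:
    """A list host that redistributes each post to its members."""
    name: str
    host: str
    members: list
    rewrite_envelope: bool  # VERP its own members, or pass the upstream sender through?
    disabled: set = field(default_factory=set)

    @property
    def address(self) -> str:
        return f"{self.name}@{self.host}"

    def relay(self, upstream_sender: Optional[str], net: "Network") -> None:
        for member in self.members:
            if member in self.disabled:
                continue
            if self.rewrite_envelope or upstream_sender is None:
                sender = verp_sender(self.name, self.host, member)
            else:
                sender = upstream_sender  # member bounces will go back upstream
            net.send(sender, member)

    def handle_bounce(self, envelope_sender: str) -> None:
        """Bounce processor: whoever the VERP address names gets disabled."""
        who = verp_recipient(envelope_sender)
        if who is not None:
            self.disabled.add(who)


@dataclass
class Network:
    servers: dict   # host -> ListServer
    bouncing: set   # constructed: addresses that hard-bounce
    delivered: list = field(default_factory=list)

    def send(self, envelope_sender: str, recipient: str) -> None:
        if recipient in self.bouncing:
            # The MTA returns the bounce to the envelope sender's host.
            host = envelope_sender.rsplit("@", 1)[1]
            self.servers[host].handle_bounce(envelope_sender)
            return
        for srv in self.servers.values():
            if recipient == srv.address:
                srv.relay(envelope_sender, self)  # a downstream reflector
                return
        self.delivered.append(recipient)


def simulate(reflector_rewrites: bool):
    """Post once to foo@python.org; return (upstream disabled, reflector disabled, deliveries)."""
    upstream = ListServer("foo", "python.org",
                          ["alice@example.com", "foo@yahoogroups.com"],
                          rewrite_envelope=True)
    reflector = ListServer("foo", "yahoogroups.com",
                           ["bob@example.net", "mallory@example.org"],
                           rewrite_envelope=reflector_rewrites)
    net = Network({"python.org": upstream, "yahoogroups.com": reflector},
                  bouncing={"mallory@example.org"})  # constructed bouncing member
    upstream.relay(None, net)
    return sorted(upstream.disabled), sorted(reflector.disabled), len(net.delivered)


if __name__ == "__main__":
    print("reflector passes envelope through:", simulate(False))
    print("reflector VERPs its own members:  ", simulate(True))
```

With pass-through, the one bouncing downstream member causes the upstream list to disable `foo@yahoogroups.com` and everyone behind it; when the reflector rewrites the envelope sender for its own members, the bounce returns to the reflector and only the bouncing member is disabled.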