[Mailman-Users] Re: Virus Just Got Through on TOTALLYMODERATEDlist.
Brad Knowles
brad at stop.mail-abuse.org
Tue Feb 8 17:16:47 CET 2005
At 9:59 AM -0500 2005-02-08, Dan Mahoney, System Admin quoted Mark Sapiro:
>> As I said before, the information we really need in order to figure
>> this out would be the post as received by Mailman, not the one sent
>> out, but there's no way to get this from Mailman after the fact.
>
> *that* is a problem. I see no reason there shouldn't be an option to
> log this (either in the archives or a logfile, or maybe a "view original
> post" option in the archives, something possibly admin-only?.
The message as it was originally received by Mailman should be in
the appropriate
/usr/local/mailman/archives/private/listname.mbox/listname.mbox file,
and the admin would be able to inspect that to get an idea of what
happened. At least, I think the message gets saved there before
stripping and sanitization is performed.
As far as log data is concerned, assuming you get there before
the data in syslog is aged out and thrown away, you should have a
record of that message-id coming into the system, and then a
different message-id going back out (after the mailing list
sanitization is done, etc...).
Unfortunately, Mailman doesn't provide a whole lot of logging
data itself, so it takes more work to figure out what features
were/were not triggered, in which logs there may be useful data,
etc....
--
Brad Knowles, <brad at stop.mail-abuse.org>
"Those who would give up essential Liberty, to purchase a little
temporary Safety, deserve neither Liberty nor Safety."
-- Benjamin Franklin (1706-1790), reply of the Pennsylvania
Assembly to the Governor, November 11, 1755
SAGE member since 1995. See <http://www.sage.org/> for more info.
More information about the Mailman-Users
mailing list