[Mailman-Users] Re: Virus Just Got Through on TOTALLYMODERATEDlist.
Mark Sapiro
msapiro at value.net
Tue Feb 8 18:19:09 CET 2005
Brad Knowles wrote:
>At 9:59 AM -0500 2005-02-08, Dan Mahoney, System Admin quoted Mark Sapiro:
>
>>> As I said before, the information we really need in order to figure
>>> this out would be the post as received by Mailman, not the one sent
>>> out, but there's no way to get this from Mailman after the fact.
>>
>> *that* is a problem. I see no reason there shouldn't be an option to
>> log this (either in the archives or a logfile, or maybe a "view original
>> post" option in the archives, something possibly admin-only?.
>
> The message as it was originally received by Mailman should be in
>the appropriate
>/usr/local/mailman/archives/private/listname.mbox/listname.mbox file,
Actually, the message in the listname.mbox/listname.mbox has had a lot
done to it. It's been through Approve which would have removed any
Approved: header or initial body line and it's been through Cleanse
and CookHeaders (at least if the default pipeline isn't changed).
About the only useful info which isn't in the final outgoing message
is the incoming envelope sender.
Here's a thought though. If you're concerned about this happening
again, create a pipline attribute for the list with an additional
handler, say 'LogIncoming' between 'SpamDetect' and 'Approve'. See
GLOBAL_PIPELINE in Defaults.py. Or you could do it for all lists by
just putting a new GLOBAL_PIPELINE in mm_cfg.py.
Before doing any of this, you would create
Mailman/Handlers/LogIncoming.py to log the incoming message (or maybe
just the headers and first few lines of the body of the incoming
message).
--
Mark Sapiro <msapiro at value.net> The highway is for gamblers,
San Francisco Bay Area, California better use your sense - B. Dylan
More information about the Mailman-Users
mailing list