[Mailman-Users] non-subscriber managed to post to a subscriber onlylist
Mark Sapiro
mark at msapiro.net
Mon Jan 26 22:26:00 CET 2009
Steve Lindemann wrote:
>Had something strange occur early Saturday morning. A non-subscriber
>managed to successfully post to two member only lists (and, of course,
>it was spam).
>
>The bogus sender (thelevisstoreonline at levis.rsys1.com) is not a member
>of these member only lists and is not in the accept_these_nonmembers
>filter. Other non-member posts are being caught and sent to moderation.
> Is there something else that I should be looking at?
All the headers of the spam post. In a default installation, if any of
From:, Reply-To: or Sender: headers or the envelope sender as
reflected in the Unix From or Return-Path: header contains a member
address, the post will be deemed from that member.
Find the spam posts in archives/private/LISTNAME.mbox/LISTNAME.mbox.
The headers there should reflect the original except maybe for
Reply-To: if the list mungs that.
If that isn't the answer, then it is possible that, as Lindsay
suggests, the post contained an Approved: header with the list admin
or moderator password.
--
Mark Sapiro <mark at msapiro.net> The highway is for gamblers,
San Francisco Bay Area, California better use your sense - B. Dylan
More information about the Mailman-Users
mailing list