[Mailman-Users] non-subscriber managed to post to a subscriberonly list
Mark Sapiro
mark at msapiro.net
Mon Jan 26 22:43:51 CET 2009
Steve Lindemann wrote:
>Lindsay Haisley wrote:
>> Is it possible that the list mod or admin password got out? I believe
>> than anyone can post to a moderated list by putting an "Approved:
>> <password>" header or pseudo-header in a post.
>
>I'm on one of the lists that accepted the message (which is how it came
>to my attention) and I just rechecked the message header and didn't see
>anything resembling that... would mailman remove it from the header for
>final delivery to the list members? Regardless, I'll see to getting
>passwords changed, thanks.
Yes, any Approve: or Approved: header will be removed from the post
whether or not the password is valid.
--
Mark Sapiro <mark at msapiro.net> The highway is for gamblers,
San Francisco Bay Area, California better use your sense - B. Dylan
More information about the Mailman-Users
mailing list