[Mailman-Users] Mailman blocks messages based on reply-to address
Mark Sapiro
mark at msapiro.net
Thu Nov 11 21:05:21 CET 2010
Rene Hamburger wrote:
>
>I am forwarding emails to a mailing list after I have included the original
>sender's email as the reply-to address. It works fine as long as the
>reply-to address is not on the actual email list. But when it is, mailman
>recognises it as being moderated and blocks the email. Is that a feature or
>a bug? :)
This is a feature. By default, the address(es) in the From: header, the
envelope from, the Reply-To: header and the Sender: header are
examined in that order and if any of them are a list member, the post
is considered to be from the first member found for moderation
purposes.
The question is, the From: should be your address, so is that address a
list member? If not, why not? If so, and you are not moderated, the
Reply-To: address should not be considered unless you have overridden
the definition of SENDER_HEADERS in mm_cfg.py.
If you put this
SENDER_HEADERS = ('from', None, 'sender')
in mm_cfg.py, i.e. drop reply-to from the default
SENDER_HEADERS = ('from', None, 'reply-to', 'sender')
then Mailman won't consider the Reply-To: when determining a moderated
member post.
But, As I say, I don't understand why your own From: is not controlling
unless you aren't a list member and are in accept_these_nonmembers
instead. If that is the case, why? It provides no security or spoof
resistance over your being a member, and if you're really concerned
about spoofing, everyone should be moderated and you should post with
an Approved: password header.
And even with no other changes, posting with an Approved: password
header will prevent the post being held regardless of the Reply-To:.
--
Mark Sapiro <mark at msapiro.net> The highway is for gamblers,
San Francisco Bay Area, California better use your sense - B. Dylan
More information about the Mailman-Users
mailing list