Using Mailman 2.1.3, we have had problems with virus-generated messages with spoofed senders getting through to a one-way list.
The only 'solution' I have found is to to disallow any non-moderated users or administrators. This forces all messages, even from list admins, to be moderated.
Under Privacy options: [Recipient filters], we set "Ceiling on acceptable number of recipients for a posting" to 1.
And also turned on 'Emergency moderation of all list traffic is enabled' in General Options.
However this is not ideal. Back in the dark ages I used Majodomo. As primtive as that program was, these virus messages would not be getting through. Reason? The moderated users had to include a password with each post. Could that password type feature be added?
A virus might forge the 'form' and the envelope. But it is aweful hard to forge a good password that also matches that from.
Any thoughts?