Recently a spam message came in to four lists I administer. The email
was writtenlike this: firstmlast <user(a)example.com>.
I recognized the real name, because First M. Last, is someone I know
and is subscribed to all the lists. However, the "user(a)example.com"
was totally foreign. So spam.
Three of the lists automatically discarded the email, as I have
configured them to do, and sent me an notification about it. But the
fourth list sent it through, even though user(a)example.com was not
subscribed to the list, and I have generic_nonmember_action set to
Discard.
For the life of me, I cannot figure out how/why this email got
through. I have set the list to emergency moderation for now, but I'd
like to know how it got through in the first place.
I did a config dump and vimdiff across the 3 lists, apart from the
list names, signatures, and two minor fields (max_num_recipients, and
admin_member_chunksize), they are all identical.
In, /usr/local/mailman/logs/post, I see this for the message:
Jun 26 03:48:40 2019 (1052) post to listname from user(a)example.com,
size=6065, message-id
<xxxxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx@xxxxx-xxxxxxxx>, success
For the other 3 lists, I see this in /usr/local/mailman/logs/vette:
Jun 26 03:48:31 2019 (1050) Message discarded, msgid:
<xxxxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx@xxxxx-xxxxxxxx>'
list: list1,
handler: Moderate
Jun 26 03:48:51 2019 (1050) Message discarded, msgid:
<xxxxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx@xxxxx-xxxxxxxx>'
list: list2,
handler: Moderate
Jun 26 03:50:22 2019 (1050) Message discarded, msgid:
<xxxxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx@xxxxx-xxxxxxxx>'
list: list3,
handler: Moderate
Does anyone know why the message to the fourth list went through?