Mailman blocks messages based on reply-to address

Hi everyone,
I am forwarding emails to a mailing list after I have included the original sender's email as the reply-to address. It works fine as long as the reply-to address is not on the actual email list. But when it is, mailman recognises it as being moderated and blocks the email. Is that a feature or a bug? :)
The reason we are not running it as a regular moderated list is that I have to edit emails slightly before sending them out and that people not on the list would sometimes ask us to forward them to the list.
Any thoughts?
Thanks,
Rene

Rene Hamburger wrote:
> I am forwarding emails to a mailing list after I have included the original sender's email as the reply-to address. It works fine as long as the reply-to address is not on the actual email list. But when it is, mailman recognises it as being moderated and blocks the email. Is that a feature or a bug? :)

This is a feature. By default, the address(es) in the From: header, the envelope from, the Reply-To: header and the Sender: header are examined in that order and if any of them are a list member, the post is considered to be from the first member found for moderation purposes.
The question is, the From: should be your address, so is that address a list member? If not, why not? If so, and you are not moderated, the Reply-To: address should not be considered unless you have overridden the definition of SENDER_HEADERS in mm_cfg.py.
If you put this

    SENDER_HEADERS = ('from', None, 'sender')

in mm_cfg.py, i.e. drop reply-to from the default

    SENDER_HEADERS = ('from', None, 'reply-to', 'sender')

then Mailman won't consider the Reply-To: when determining a moderated member post.
But, as I say, I don't understand why your own From: is not controlling unless you aren't a list member and are in accept_these_nonmembers instead. If that is the case, why? It provides no security or spoof resistance over your being a member, and if you're really concerned about spoofing, everyone should be moderated and you should post with an Approved: password header.
And even with no other changes, posting with an Approved: password header will prevent the post being held regardless of the Reply-To:.
--
Mark Sapiro <mark@msapiro.net>
San Francisco Bay Area, California

The highway is for gamblers, better use your sense - B. Dylan
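
The header ordering described in the reply above, as an added example that is not part of the original thread and is not Mailman's own code: a simplified model of how the first list member found across the SENDER_HEADERS entries decides moderation. The function names, addresses and sample message are constructed for illustration, and the nonmember step only models accept_these_nonmembers.

```python
from email import message_from_string
from email.utils import getaddresses

DEFAULT_SENDER_HEADERS = ('from', None, 'reply-to', 'sender')  # default quoted in the thread
WITHOUT_REPLY_TO = ('from', None, 'sender')                    # override quoted in the thread

def candidate_senders(msg, envelope_from, sender_headers):
    """Addresses in the order the headers are examined; None means the envelope sender."""
    found = []
    for header in sender_headers:
        if header is None:
            values = [envelope_from] if envelope_from else []
        else:
            values = msg.get_all(header, [])
        for _name, addr in getaddresses(values):
            if addr:
                found.append(addr.lower())
    return found

def moderation_decision(msg, envelope_from, sender_headers, members, accept_nonmembers):
    """members maps address -> moderated flag. Returns (decision, deciding address)."""
    senders = candidate_senders(msg, envelope_from, sender_headers)
    for addr in senders:
        if addr in members:  # the first member found controls the outcome
            return ('hold' if members[addr] else 'accept', addr)
    for addr in senders:     # no member matched: simplified accept_these_nonmembers check
        if addr in accept_nonmembers:
            return ('accept', addr)
    return ('nonmember', None)  # left to the list's generic nonmember action

# Constructed sample: a forwarded post whose Reply-To: is a moderated list member.
RAW = """\
From: forwarder@example.org
Reply-To: alice@example.com
To: list@example.org
Subject: forwarded post

body
"""
MSG = message_from_string(RAW)
ENVELOPE = 'forwarder@example.org'
MEMBERS = {'alice@example.com': True}  # True = moderated
ACCEPT = {'forwarder@example.org'}

if __name__ == '__main__':
    for headers in (DEFAULT_SENDER_HEADERS, WITHOUT_REPLY_TO):
        print(headers, moderation_decision(MSG, ENVELOPE, headers, MEMBERS, ACCEPT))
```

With the forwarder listed only as an accepted nonmember, the default ordering attributes the post to the moderated Reply-To: member; making the forwarder an unmoderated member lets the From: address decide first.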