barry at list.org
Tue Feb 10 21:59:10 CET 2009
-----BEGIN PGP SIGNED MESSAGE-----
On Feb 9, 2009, at 5:43 AM, Ian Eiloart wrote:
> I'm not sure whether I do use it, but I think I should.
> Most of our list users are in our own domain. That domain certainly
> is less spoofable in the envelope, because we don't accept mail from
> our domain unless it's been through our servers. We don't get spam
> with sussex.ac.uk in the envelope sender domain.
> With SPF records now widely published, including by several large
> free email service providers, it's certainly within the power of
> sites to validate the envelope sender address of much of their
> inbound email. Losing this facility now would be a great shame.
> I certainly don't see how having the option can do much harm.
> It might be worth adding code to support BATV, if it isn't there
MM3 does not yet support this.
So, I've landed a branch that gets rid of the MM3 equivalent to
USE_ENVELOPE_SENDER, but it will still be possible to consider the
MAIL FROM or Sender addresses in preference to From, if you wanted
to. I've implemented a site admin definable header lookup scheme so
you can define the order that headers are considered. By default it's
From:, MAIL FROM, Reply-To, Sender. This is a global order just like
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (Darwin)
-----END PGP SIGNATURE-----
More information about the Mailman-Developers