[Mailman-Users] Help! Restricted posting Problems (need to approve list-member posts)

Christopher P. Lindsey lindsey at mallorn.com
Wed Jul 19 07:12:35 CEST 2000

> > I do not know why Mailman adds this bogus "Sender", and seems to
> > rely on it to determine membership.
> The Sender field is not bogus, is a standard mail header, and is
> added (likely) by the first MTA you hand off your message to.
> Mailman by default authenticates membership on the basis of the
> Sender: header (think about the problem of address forgery for the
> reasons why).  You can edit mm_cfg.py to authenticate by the From:
> header instead.

I submitted a bug report to the jitterbug database about a year
about this:


The biggest problem with using the Sender: header is that it
violates RFC 822.  The URL above has the excerpts explaining

In all seriousness, what setting is in mm_cfg.py to change the
authentication?  I haven't played with the new beta versions
at all, so sorry if I'm being stupid here....

> Rather than doing that however I would subscribe your posting
> address and set it to NOMAIL.  That way authentication remains
> strong (well, sorta, its just less easy to forge) and the system
> works as desired.

Interesting idea!


More information about the Mailman-Users mailing list