[mailman-users] member-only lists and non-member postings
mailman at sgtst.com
Fri Mar 5 19:22:52 CET 2004
At 11:42 AM 3/5/04 -0500, Dean Karres wrote:
>Two days ago we received several spam / virus loaded messages from
>obviously fake non-members on a few of our mailing lists. All were
>stopped and discarded -- except two. Those two messages were aimed at
>out largest mailing list.
In the last 48 hours, two messages with faked (nonmember) addresses and virus attachments got through to our member-only lists. Between the first and second attack, I changed the administrator and moderator passwords and I haven't shared the new passwords with anyone. One of the lists is *very* tightly controlled and none of the 3 folks who could post without moderation has reported their system being compromised. The logfiles show nothing but the messages going through as if they had been from unmoderated members of the list (but the sender in the logfile is clearly a nonmember). I don't see anything in the headers of the messages that would indicate why they bypassed the moderator.
While this doesn't answer Dean's question about how to compare the configurations of two lists, my gut is telling me the lists are properly configured and something else is going on. Any clues would be appreciated.
More information about the Mailman-Users