[Mailman-Users] Spam - How is this happening?

stephen at xemacs.org stephen at xemacs.org
Sat Oct 21 07:44:51 CEST 2006


Jewel writes:

 > I run a Mailman server and have noticed more recently that it seems spam 
 > is being posted to some lists

Is it actually getting through to the lists?  The fact that the spam
score was zero suggests that it does, and that your "Barracuda" spam
filter has no teeth.  You should look into this.

 > but when I look at the headers the message was only posted to the
 > mailman-owner or the owner of the list.  How is this happening?

This really isn't a question for this list (it's a general mail
question), but as long as I'm here....

First, you may have software that removes duplicates, and even if you
were addressed several times, you probably get the list-owner version
first due to list processing delays, and the list version gets
suppressed.  If you want to see what got to Mailman, you can look at
the "mbox" file in the list's archives.  (Presumably Mailman functions
normally on the outgoing side, so that's all you really need for this
purpose.)

Second, the headers that you post here do not tell the whole story.
Specifically, the addresses that your host actually delivers to are
not listed in the headers.  (Sometimes the particular mailbox you find
the message in is; in your case it's the "Delivered-To" header.
However, *other* deliveries are not mentioned in your message.)  The
addresses in the headers you see have nothing to do with where
delivery takes place[1], except by grace of the author.  Spammers are
nothing if not graceless!

To understand why this *must* be so, consider CCs to hosts on the
"other side" of the Internet; your host can't know if they were sent,
let alone delivered.  Or BCCs ("blind carbon copies") received by your
host---since they can't appear in the headers you receive by
definition, there must be another way to tell the system where to
deliver them.  This is what is called the "RFC 2821 Envelope Sender".

	      http://www.rfc-editor.org/rfc/rfc2821.txt

That's pretty rough stuff, though.  Maybe somebody else (the Mailman
FAQ?) has a good reference to a primer?


Footnotes: 
[1]  Strictly speaking, there are any number of cases where they are
the same, but that's because those authors are graceful, or use
graceful software. :-)




More information about the Mailman-Users mailing list