[Mailman-Users] list address in From: line post message to closed list

Dragon dragon at crimson-dragon.com
Thu Apr 3 21:41:37 CEST 2008 

Steve Lindemann sent the message below at 12:18 4/3/2008:
>I'm sorry, I'm just not sure what the best subject line would be for
>this... 8^(    I'm sure this has been going on for ages, but it's only
>just recently been brought to my attention.
>
>The problem - when the list email address is (spoofed) in the From: line
>(as well as being on the To: line) the message posts to the list.  The
>ability to post to the list is supposed to be restricted to only list
>members.  The list address is not in the list of list members.
>
>Is this normal?  I checked the config and there did see anything to
>allow this behavior there.  Is the list email address automatically
>considered to be a member of the list?  I can always block it in
>"privacy options->sender filters", but should that even be necessary?  Help!
>
>I checked what documentation I can find and couldn't find any mention of
>this behaviour.  I didn't have a clue how to look for it in the FAQ so I
>settled for reading the index and didn't see anything resembling this
>there either.
---------------- End original message. ---------------------

This seemed rather strange to me too so I decided to test it on my 
server. I have 2.1.10b3 installed from source on a Redhat machine. My 
list is configured for posts from non-members to be discarded.

I sent a message to one of my lists using the list address in the 
From: header. The message was discarded as I expected it would be and 
I confirmed this by an entry in the vette log.

So it works on my installation as I expect it would. The question now 
is, what is the difference between my source install and your 
installation. Are you using a cPanel or Plesk version, or a version 
installed from somebody else's package maybe through yum or something similar?

Are you certain that the message was distributed via the list?

Is it in the list archive?

Can you match the message ID to one in the post log?

If you can see it in the archive and post log then it did get 
processed through mailman. If not, perhaps it was BCC'ed to your 
address or there is something else going on with your MTA.

Dragon

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  Venimus, Saltavimus, Bibimus (et naribus canium capti sumus)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

More information about the Mailman-Users mailing list