[Mailman-Users] Spam Problem

[Mark Sapiro]

Nancy Shoemaker wrote:
>
>The headers of the message that got through to the list didn't 
>include any reference to a subscriber to the list, but a message that 
>was delivered to my personal mailbox had a "Reply-To" header that 
>allowed me to track down the subscriber who probably inadvertently 
>spammed her entire address book with these messages. In other words, 
>the headers of the message I got outside of Mailman included:
>
>From: myYearbook.com<noreply at myyearbook.com>
>Subject: Is Barbara Your Friend? Please respond!!
>x-mybid: bmFuY3lzaG9lbWFrZXJAbWluZHNwcmluZy5jb20=
>To: <my personal address>
>MIME-Version: 1.0
>Content-type: text/html; charset=iso-8859-1
>Reply-To: "Barbara" <a list subscriber's address>
>
>I don't see the "Reply-To" header in the Mailman message (and, 
>indeed, the message that got through to the list has no way to tell 
>which Barbara sent it).
>
>I believe this is the expected behavior for mismatched "reply-to" and 
>"From" headers. Is there any way that such a mismatch could be 
>considered a flag to be logged (so the real sender could be tracked 
>down) or to trigger moderation -- with exceptions for "reply to the 
>list" of course?


A post is considered to be from a member if a member's address is in
any of the From:, Reply-To: or Sender: headers or is the envelope
sender.

Normally, the Reply-To: address in the incoming post will also be in
the message sent to the list, but if you do Reply-To: munging
(first_strip_reply_to = Yes), it will be removed.

If you don't want to accept posts where only the Reply-To: address is a
list member, set

SENDER_HEADERS = ('from', None, 'sender')

in mm_cfg.py. The default is

SENDER_HEADERS = ('from', None, 'reply-to', 'sender')

where None means the envelope sender.

-- 
Mark Sapiro <mark at msapiro.net>        The highway is for gamblers,
San Francisco Bay Area, California    better use your sense - B. Dylan