[Mailman-Users] non-subscriber managed to post to a subscriber only list

Steve Lindemann steve at marmot.org
Mon Jan 26 22:51:46 CET 2009

Mark Sapiro wrote:
> All the headers of the spam post. In a default installation, if any of
> From:, Reply-To: or Sender: headers or the envelope sender as
> reflected in the Unix From or Return-Path: header contains a member
> address, the post will be deemed from that member.
> Find the spam posts in archives/private/LISTNAME.mbox/LISTNAME.mbox.
> The headers there should reflect the original except maybe for
> Reply-To: if the list mungs that.
> If that isn't the answer, then it is possible that, as Lindsay
> suggests, the post contained an Approved: header with the list admin
> or moderator password.

Rechecked the delivered message header and found the list bounces 
address in the Sender: and Return-Path: headers, but I thought that was 
normal on the delivered message.

Checked the archives and found the note "An HTML attachment was 
scrubbed..." and a link to the html portion of the message.  The rest of 
the message (including the header) appears to be missing from the archive.

I didn't think the <LIST>-bounces address was considered a member of the 
list...  is it?
Steve Lindemann                         __
Network Administrator                  //\\  ASCII Ribbon Campaign
Marmot Library Network, Inc.           \\//  against HTML/RTF email,
http://www.marmot.org                  //\\  vCards & M$ attachments
+1.970.242.3331 x116

More information about the Mailman-Users mailing list