[Mailman-Users] non-subscriber managed to post to a subscriber only list

Stephen J. Turnbull stephen at xemacs.org
Tue Jan 27 03:30:17 CET 2009

Grant Taylor writes:

 > About the only thing that I can think of where the From: and the
 > Return-Path: might not match is a forward or some other thing like
 > that. However I can't see why any one would have addresses
 > forwarding in to a mailing list.
 > Do you have such an example handy?

Sure.  Anybody who uses a single host to send mail but alters their
>From according to the venue (me, for example).  Anybody whose MTA
identifies the envelope sender as user at actual-host.example.com, but
whose MUA identifies them as user at example.com in From.  Anybody whose
mail is handled on somebody else's account, and thus will have a
Sender header (typically Return-Path will more likely point to Sender
than From in that case).

It would be easy to implement in something like SpamAssassin.

More information about the Mailman-Users mailing list