[Mailman-Users] Fake Email

Mark Sapiro mark at msapiro.net
Sun Nov 1 16:54:45 CET 2009

Hien HUYNH HUU wrote:

>Hi Stephen, 
>   I can't do that because may be the sender is on another MTA and mailman server can't force they do an authentication.
>   Is this a weak point of Mailman ?

They still could connect and authenticate to the Mailman server's MTA
for list posting purposes.

If for some reason they can't (e.g. their ISP redirects all port 25
connects to it's own MTA), you're back to Stephen's first remark - you
can moderate everyone and post with an Approved: <password> header
where <password> is the list admin or moderator password. Setting and
using the moderator password is preferred to limit the damage in case
it leaks.

Mark Sapiro <mark at msapiro.net>        The highway is for gamblers,
San Francisco Bay Area, California    better use your sense - B. Dylan

More information about the Mailman-Users mailing list