[Mailman-Users] Fake Email

Barry Warsaw barry at python.org
Mon Nov 2 03:48:36 CET 2009

On Nov 1, 2009, at 9:06 PM, Stephen J. Turnbull wrote:

> If you really want Mailman to do the authentication, you can either
> use the Approved header field, which is not very secure, or you can
> use the 3rd-party patch to use public-key signatures which somebody
> else mentioned.  I'm pretty sure that should work OK because the
> theory is straightforward, but haven't reviewed it or used it myself,

In theory, it would also be possible for Mailman to trust  
authentication information that the receiving MTA placed into the  
headers.  It's the same as having Mailman inspect spam headers that  
some upstream-to-Mailman spam filter places into the message to  
determine whether the message should reach the list membership.


-------------- next part --------------
A non-text attachment was scrubbed...
Name: PGP.sig
Type: application/pgp-signature
Size: 832 bytes
Desc: This is a digitally signed message part
URL: <http://mail.python.org/pipermail/mailman-users/attachments/20091101/6b350819/attachment.pgp>

More information about the Mailman-Users mailing list