[Mailman-Users] Email from Listname

[Fitzpatrick, Ted]

Thank you, Mark. Even though this list is set to be anonymous, I was able to obtain the original sender's email address from the mbox file, as you suggested. It appears that a hacker spoofed a legitimate member email.

Ted

-----Original Message-----
From: Mark Sapiro [mailto:mark at msapiro.net] 
Sent: Monday, April 12, 2010 4:08 PM
To: Fitzpatrick, Ted; mailman-users at python.org
Subject: Re: [Mailman-Users] Email from Listname

Fitzpatrick, Ted wrote:
>
>A hacker recently broadcast email to a discussion list by setting the "from:" header to be the name of the list, e.g., listname at emaildomainname.ca.gov<mailto:listname at emaildomainname.ca.gov>
>
>What's the best way to resolve this issue? If I block incoming email from this address, will that interfere with Mailman's normal operations?


The real question is why was this message accepted? What is the list
setting for generic_nonmember_action? What is in
accept_these_nonmembers?

The listname itself should not be a member of the list, thus a post
From: listname would normally be a non-member post unless there was
also a Reply-To: or Sender: header with a list member address or the
envelope sender address was a list member.

Find the message in Mailman's
archives/private/LISTNAME.mbox/LISTNAME.mbox file. This will show you
the original envelope sender in the "From " separator. Assuming the
list is not anonymous, it will also have the original Sender: header
if any and if the list doesn't mung Reply-To: it will have the
original Reply-To: if any.

Hopefully that information will enable you to see why the post was
accepted.

-- 
Mark Sapiro <mark at msapiro.net>        The highway is for gamblers,
San Francisco Bay Area, California    better use your sense - B. Dylan