[Mailman-Users] Filtering of unwanted Spam-Emails

Mark Sapiro mark at msapiro.net
Thu Oct 5 18:42:16 EDT 2017

On 10/05/2017 02:24 AM, Sebastian Jung wrote:
>    Hi all,
>    I administrate a Mailinglist where by default only members of the list are
>    allowed to post messages. Lately we have Spam-Emails where the creator
>    uses a "From"-Adress in the form of:
>    regularListMember at somedomain.com <someSpamAddress at dubiosDomain.TLD>
>    Mailman does not block those Emails since the known and allowed
>    Email-adress appears with in the From-Field although it is just part of
>    the name tag.

That is not the reason why Mailman is allowing this post as a member
post. Mailman understands the difference between a display name and an
email address in a From: header.

Mailman's membership checks look at more than just From:. By default,
Mailman looks at the From: header, the envelope sender and the Reply-To:
and Sender: headers. If any of those which exists contains a list member
address, the post is considered to be from the member.

You can reduce that list installation wide by putting a setting for
SENDER_HEADERS in Mailman/mm_cfg.py - see the documentation in
Mailman/Defaults.py. For example, putting

SENDER_HEADERS = ('from',) in mm_cfg.py will mean only the From: header
is checked for list membership.

Note also that you won't see the original envelope sender or Sender:
header in the delivered post or archives nor will you see the original
Reply-To: if the list is configured to remove it, but the original
envelope sender and Sender: if any will be in the
archives/private/LISTNAME.mbox/LISTNAME.mbox file. and the envelope
sender will probably be in MTA logs.

Mark Sapiro <mark at msapiro.net>        The highway is for gamblers,
San Francisco Bay Area, California    better use your sense - B. Dylan

More information about the Mailman-Users mailing list