[Mailman-Users] non-subscribers getting through--email address in "Real Name"
Robert Heller
heller at deepsoft.com
Thu Jul 19 08:16:40 EDT 2018
At Wed, 18 Jul 2018 19:33:20 -0700 Mark Sapiro <mark at msapiro.net> wrote:
>
> On 07/18/2018 07:10 PM, Robert Heller wrote:
> >
> > Mailman only checks the From: header...
>
>
> Not true. See my other reply in this thread.
I mean it does not check things like the Received: headers *by default*. If
the email part of the From: header is a list member address, Mailman will
consider that the mail is from that member and pass the message on to the
list, *even if the From: header is spoofed*. I expect that this is what
happening with the OP. It is a common spammer hack: somehow get a list of
member addresses (or really hack a member's E-Mail accoung or PC and go from
there).
Yes, Mail mail can be configured to check other headers, but this requires
some configuration settings.
>
--
Robert Heller -- 978-544-6933
Deepwoods Software -- Custom Software Services
http://www.deepsoft.com/ -- Linux Administration Services
heller at deepsoft.com -- Webhosting Services
More information about the Mailman-Users
mailing list