On Wed, 3 Mar 2004, Sam Ruby wrote:Neither. This email contained:
Return-Path: <[EMAIL PROTECTED]> From: [EMAIL PROTECTED]
... neither of which is subscribed to [EMAIL PROTECTED]
From what I have read, ezmlm uses a separate SMTP 'SENDER' field, which
isn't retained in the archive. My bets are that this field contained
the value [EMAIL PROTECTED]
No. Return-Path does capture the email address used by ezmlm to figure
out if and when to send. As it turns out, "[EMAIL PROTECTED]" is able
to post as he's in the "allow" database for that list.
That's what I was afraid of, since I happened to know Andrew uses *both* addresses (or has been using them), at the very least in private mails sent to me.
How can we defend ourselves from bots spamming the lists using subscribed or allowed addresses...? Or do we need to actively monitor/clean up stale entries in the allow list?
</Steven> -- Steven Noels http://outerthought.org/ Outerthought - Open Source Java & XML An Orixo Member Read my weblog at http://blogs.cocoondev.org/stevenn/ stevenn at outerthought.org stevenn at apache.org
