Cristóbal Palmer wrote: > >I'm still scratching my head on how this bounced its way into my >inbox, for example: > > http://garp.metalab.unc.edu/backscatter-example.txt > >How/where do I stop that?
It doesn't look to me like backscatter at all. It looks like spam sent to [EMAIL PROTECTED] which went to MailScanner on "malecky" which replaced the original message with a message consisting of the "notice" with the original attached. That message then continued through delivery chain to [EMAIL PROTECTED] which was redirected to [EMAIL PROTECTED] and then to [EMAIL PROTECTED] by lists.ibiblio.org. It was then relayed to metalab.unc.edu (a bit of a puzzle as the MX for ibiblio.org is mail.metalab.unc.edu, but perhaps these are really the same machine) which redirected [EMAIL PROTECTED] to [EMAIL PROTECTED] which ultimately got delivered to [EMAIL PROTECTED] It also appears that the [EMAIL PROTECTED] to [EMAIL PROTECTED] step involved a resend which rewrote the envelope sender to [EMAIL PROTECTED] I don't know what there is to stop here. I may be completely wrong, but it looks like this was just mail sent to [EMAIL PROTECTED] delivered through the chain that would apply to all such mail. OK, I've just seen your reply to Robby Griffin's off-list message so the question is "why did [EMAIL PROTECTED]" go to [EMAIL PROTECTED] You say "What I'm missing here is the step where the mail went from going to one of the three list admins (again, all at gmail) to going to me. Where was the forgery? How did mailman (or was it postfix?) get duped?" There is no evidence in the Received: chain that this copy was sent to any of the three list admins. What does /usr/local/mailman/bin/list_owners -m cc-co show you? Assuming that doesn't list postmaster, what is in the MTA logs on lists.ibiblio.org regarding this message, and what's in Mailman's smtp log regarding this message? There's actually no indication that this ever went to Mailman. How is list mail delivered to Mailman on this machine? Is it possible that [EMAIL PROTECTED] is mis-interpreted as trying to deliver to the 'co-owner' address of the cc list and this mis-delivery goes to postmaster? -- Mark Sapiro <[EMAIL PROTECTED]> The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan _______________________________________________ Mailman-Developers mailing list Mailman-Developers@python.org http://mail.python.org/mailman/listinfo/mailman-developers Mailman FAQ: http://www.python.org/cgi-bin/faqw-mm.py Searchable Archives: http://www.mail-archive.com/mailman-developers%40python.org/ Unsubscribe: http://mail.python.org/mailman/options/mailman-developers/archive%40jab.org Security Policy: http://www.python.org/cgi-bin/faqw-mm.py?req=show&file=faq01.027.htp
