We just noticed an oddness in a client's system.
Someone sent to a members-only list and it 'got past' moderation
controls. The list is set to not allow non-members to send to the list,
but somehow it got through the default rule of "discard (no
notification)" for a non-member and got to the list.
The only oddness I can tell is that there was an emoji (unicode) in the
subject line but as I understand how Mailman works, this should NOT have
impacted anything, as the sender filter bits happen earlier in message
processing.
Has *anyone* seen any cases like this before? If this is repeatable or
a known issue, it deserves a CVE security bug because this is a
**severe** problem.
_______________________________________________
Mailman-users mailing list -- [email protected]
To unsubscribe send an email to [email protected]
https://lists.mailman3.org/mailman3/lists/mailman-users.mailman3.org/
Archived at:
https://lists.mailman3.org/archives/list/[email protected]/message/GPHAFWPHSUVAPHSJXMBTSPC7XVDU52GK/
This message sent to [email protected]
