>>>>> "AS" == Antenna Support <[EMAIL PROTECTED]> writes:
AS> We just experienced a loop: a message was sent many times
AS> because it wasn't deleted in the /home/mailman/qfiles
AS> directory The error mailed was:
AS> /usr/bin/python -S /home/mailman/cron/qrunner
| sh: [EMAIL PROTECTED]: command not found
| c... User unknown
| It appeared that there was an address added to the list:
| m&[EMAIL PROTECTED]
AS> The loop could only be stopped by removing the .msg and .db
AS> file in the qfiles directory. I also removed this address from
AS> the subscribers.
AS> Is there anything I can do to prevent this from happening
AS> again?
Don't use the Sendmail.py DELIVERY_MODULE. It goes through the shell,
and its input is not properly escaped. For the same reason,
Sendmail.py is a security problem.
Mailman itself can handle addresses with &'s in them just fine (and I
believe they're legal as per RFC 2822). Use the SMTPDirect.py
delivery module and you should be fine.
-Barry
------------------------------------------------------
Mailman-Users mailing list
[EMAIL PROTECTED]
http://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://www.python.org/cgi-bin/faqw-mm.py
