Jeffrey Goldberg wrote: >On May 27, 2009, at 1:23 PM, Khalil Abbas wrote: > >> all members are moderated, except my own email address >> (m...@email.com) which I use to post to the list .. > >> someone sent from my address > > >> the 'From' name is not me, > >Please clarify. Did the From line contain your email address (m...@email.com >) or not? You seem to be saying two different things. > >If, as I suspect, someone is merely forging your address to post to >the list, there are two things that you can do (I would recommend that >you do (1) as an immediate and temporary measure, until you can get >(2) in place). > >(1) Moderate even your own postings, so that your list moderator >password is required to post, even if "from" your own address. > >(2) Improve the spam/virus filtering on your mailserver. A forged >message from an open relay containing a virus should have been stopped >by your mail system long before it reached mailman.
Two comments in addition to the above good advice. 1) Almost anyone can spoof your address in the From: of an email. This does not require an open relay server or anything fancy. Almost any MUA can do it. 2) That is why for announce lists we recommend moderating everyone and if you want to avoid moderation when posting, use an Approved: header to bypass moderation. See the FAQs at <http://wiki.list.org/x/3YA9> and <http://wiki.list.org/x/XIA9>. -- Mark Sapiro <m...@msapiro.net> The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan ------------------------------------------------------ Mailman-Users mailing list Mailman-Users@python.org http://mail.python.org/mailman/listinfo/mailman-users Mailman FAQ: http://wiki.list.org/x/AgA3 Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/ Unsubscribe: http://mail.python.org/mailman/options/mailman-users/archive%40jab.org Security Policy: http://wiki.list.org/x/QIA9
