Mark Sapiro writes: > This is all irrelevant. Since the posts from Gmane are arriving via the > NNTP gateway, no membership tests whatsoever are applied to the post - > no list member, no moderation, no *_these_nonmembers.
Are you sure? The way I read Received: from lo.gmane.org ([80.91.229.12]) by panda.hostingbay.net with esmtps (TLSv1:AES256-SHA:256) (Exim 4.69) (envelope-from <gcf-listn...@m.gmane.org>) id 1NXp0a-0004MT-1K for listn...@mydomain; Thu, 21 Jan 2010 15:51:11 +1100 is that it's coming in by SMTP, not via NNTP. In the post as John receives it, we have Sender: listname-boun...@mydomain but elsewhere he reports that the mbox file contains From gcf-myl...@m.gmane.org Thu Jan 21 00:10:24 2010 Sender: news <n...@ger.gmane.org> From: "poster" <pos...@hotmail.com> So the news@ Sender: should have nothing to do with the stealth approval via gmane, and the gcf-mylist@ envelope sender presumably is what is getting those posts through when "poster" is *not* a member. (I think that envelope sender is a bug in Gmane.) AFAICS, just moderate gcf-myl...@m.gmane.org and Gmane will no longer be a vector for stealth posts by nonmembers. When "poster" is a member, From: is checked by Mailman before Sender: or the envelope sender, so will be approved automatically. > >There are so many headers I am totally confused as to which ones > >can/should be filtered on and which ones shouldn't be. Up to now, you didn't need to ask, because we didn't know either. This is very complex, and cannot be simplified at this stage. For now, just follow instructions, get the information we need and install and test the necessary Mailman options. Getting the information is done, I think. The next step is to try the setting the option, either live on your list (slight risk of getting through which would be a minor nuisance to your member) or borrow William Bagwell's test list (if that's what he has set up, AIUI). Once you're satisfied that it's working as you want, *then* we can explain enough, in straightforward and concrete terms, so that you can be confident it will keep working, and have some background info about your own setup if something goes wonky in the future. (You probably won't be able to fix it on your own, but if and when you come back, we'll be able to get to the point much quicker than this time.) ------------------------------------------------------ Mailman-Users mailing list Mailman-Users@python.org http://mail.python.org/mailman/listinfo/mailman-users Mailman FAQ: http://wiki.list.org/x/AgA3 Security Policy: http://wiki.list.org/x/QIA9 Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/ Unsubscribe: http://mail.python.org/mailman/options/mailman-users/archive%40jab.org