[Mailman-Users] Spam through my mailman?

Fri, 25 Mar 2016 10:45:53 -0700 

Hi,

I am receiving spam to my list-owner address that appears to be sent
from the same list-owner address.  Here are some of the headers,
anonymized a bit (google is there because my email is forwarded to my
gmail address).

Received-SPF: pass (google.com: domain of
mailman-boun...@my.server.com designates MY.IP.ADDR.ESS as permitted
sender) client-ip=MY.IP.ADDR.ESS;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@my.server.com;
       spf=pass (google.com: domain of mailman-boun...@my.server.com
designates MY.IP.ADDR.ESS as permitted sender)
smtp.mailfrom=mailman-boun...@my.server.com
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;
d=my.server.com; s=mcmaildk;
    h=Sender:Content-Type:Date:Message-Id:MIME-Version:Subject:To:From;
bh=(STUFF)
Received: from localhost ([127.0.0.1] helo=www.my.server.com)
    by my.server.com with esmtp (Exim 4.84)
    (envelope-from <mailman-boun...@my.server.com>)
    id 1ajRhe-0006bB-4A
    for listmas...@my.server.com; Fri, 25 Mar 2016 08:23:06 -0500
Received: from [SPAM.IP.ADDR.ESS] (helo=spammer.domain.com)
 by my.server.com with esmtp (Exim 4.84)
 (envelope-from <mylist-ow...@my.server.com>) id 1ajRhW-0006b2-Jk
 for mylist-ow...@my.server.com; Fri, 25 Mar 2016 08:23:00 -0500
From: A. Spammer <mylist-ow...@my.server.com>
To: mylist-owner <mylist-ow...@my.server.com>
Errors-To: mailman-boun...@my.server.com
Sender: "Mylist" <mailman-boun...@my.server.com>

The SPF and DKIM passes make it seem like this spam is actually being
sent from my server, not just from somewhere else with a spoofed
sender.  Is there some way that my mailman may be misconfigured that
could be allowing the spammer to spam through it in this way?  Or has
my server been hacked?

Thanks!!
Mike
------------------------------------------------------
Mailman-Users mailing list Mailman-Users@python.org
https://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe: 
https://mail.python.org/mailman/options/mailman-users/archive%40jab.org

Reply via email to