Hi all, there seems to be a targeted attack against public mailman lists at german universities at the moment. I have heared from 3 seperate unis having this problem, Regensburg, Münster and us in Düsseldorf.
As far as I can see this attack works like this: A mail with envelop-from [email protected] and From:-Header "Jennifer Lankford" <[email protected]> is delivered to our list [email protected] This list is configured only to accept mails from members and to hold all other mails for the moderators to inspect. The mail is correctly held to be moderated BUT it is also forwarded to all members with From:-Header "Jennifer Lankford" <[email protected]> I can't see why or how this could work. What am I missing? We are using Mailman 2.1.15 Thanks in advance Julian ------------------------------------------------------ Mailman-Users mailing list [email protected] https://mail.python.org/mailman/listinfo/mailman-users Mailman FAQ: http://wiki.list.org/x/AgA3 Security Policy: http://wiki.list.org/x/QIA9 Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/ Unsubscribe: https://mail.python.org/mailman/options/mailman-users/archive%40jab.org
