On 4/5/19 11:59 AM, Valentin Schwarze via Mailman-Users wrote:
Are there any settings that we as administrators of the list could change to end that behavior? For example, is it possible in any way, that Mailman only accepts emails that passed a SPF check? Or any other option to prevent email with forged sender adresses to be distributed through the mailman list?
As Mark and Carl have stated, you are better off implementing email hygiene in your MTA and only passing clean messages to Mailman.
Note: SPF by itself won't do anything to protect against From: header spoofing. I would suggest that you also look into DKIM and particularly DMARC filtering.
-- Grant. . . . unix || die
smime.p7s
Description: S/MIME Cryptographic Signature
------------------------------------------------------ Mailman-Users mailing list Mailman-Users@python.org https://mail.python.org/mailman/listinfo/mailman-users Mailman FAQ: http://wiki.list.org/x/AgA3 Security Policy: http://wiki.list.org/x/QIA9 Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/ Unsubscribe: https://mail.python.org/mailman/options/mailman-users/archive%40jab.org
