On 09/25/2017 03:49 AM, Ralf Hildebrandt wrote:
> Recent phishing mails are targeting mailing-lists -- and do pass.
>
> From our logs:
> Sep 25 12:10:41 2017 (1940) post to rundmail-it from
> sabishi.meis...@charite.de, size=4760,
> message-id=<486320030245.201792592...@charite.de>, success
>
> But the headers of the mail that was automatically passed (since
> sabishi.meis...@charite.de is a member) was:
>
> From: "Sabishi.Meister@"
A post is considered to be from a list member if any of the headers in
the Defaults.py/mm_cfg.py SENDER_HEADERS setting contains a member
address. The default setting is
SENDER_HEADERS = ('from', None, 'reply-to', 'sender')
(None means the envelope sender). Assuming you have the default setting,
the sabishi.meis...@charite.de address was either the envelope sender or
in Reply-To: or Sender:.
You could set
SENDER_HEADERS = ('from',)
in mm_cfg.py to test only the From: for list membership.
--
Mark Sapiro The highway is for gamblers,
San Francisco Bay Area, Californiabetter use your sense - B. Dylan
--
Mailman-Users mailing list Mailman-Users@python.org
https://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe:
https://mail.python.org/mailman/options/mailman-users/archive%40jab.org