Well, two possibilities come to mind: - a spam group's e-mail address is registered a member of web2py-users - a third party e-mail address is registered as a member of web2py-users and is then set up to redirect all e-mail to this spam group.
Why is this done is beyond me... some way of harvesting e-mail addresses? I see I need to Google a bit about Google group spamming/hacking to come up to speed with these criminals....
