On 6/1/20 3:10 AM, Lucio wrote:
> 
> A few hours ago I received a FBL complaint notification about a monthly
> subscription reminder marked as spam and actually coming from my server.
> The subscription reminder was attached to the FBL complaint, so I could
> see the mailman list subscribed email inside it, which is
> ada3167eb87301cb4835917425f07...@libero.it: it's clearly a fake email
> address or a real email address that's been created just for sending spam.


The trace headers in the message you attached all indicate it was sent
and delivered to ada3167eb87301cb4835917425f07...@libero.it. If this is
not a deliverable address for the end recipient, how did it get there?

My first thought is that ada3167eb87301cb4835917425f07242 is a HEX
encoding, but decoding it as either hex or base64 gives garbage.

Have you checked your MTA logs to see what is there for this reminder?
I.e., was anything sent to this address? What was sent to the real list
member address?

It seems unlikely that some intermediary would rewrite the address to
ada3167eb87301cb4835917425f07...@libero.it everywhere in the message
headers and body including the line:

https://my.real.domain.where.i.host.mailman/options/my.real.list.name/ada3167eb87301cb4835917425f07242%40libero.it

It really looks like it came from your Mailman for that user.


> My mailman subscription logs (/var/log/mailman/subscribe*) go back one year 
> and that fake email address does not appear in any of them, nor is it listed 
> in the current subscribers list. It obviously does NOT match the email 
> address of the user that received the spammed reminder and that raised the 
> complaint.
> 
> How did it happen? Is there a security flaw in my mailman setup? Where should 
> I start looking?

I would start with the MTA logs to see exactly what was sent from your
server.

-- 
Mark Sapiro <m...@msapiro.net>        The highway is for gamblers,
San Francisco Bay Area, California    better use your sense - B. Dylan
------------------------------------------------------
Mailman-Users mailing list -- mailman-users@python.org
To unsubscribe send an email to mailman-users-le...@python.org
https://mail.python.org/mailman3/lists/mailman-users.python.org/
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: https://www.mail-archive.com/mailman-users@python.org/
    https://mail.python.org/archives/list/mailman-users@python.org/
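One way to carry out the log check Mark recommends, as an added example that is not part of the thread: it scans Postfix-style log lines (constructed here) for delivery attempts to the complained-about address, lists the other recipients that shared the same queue id (i.e. the same reminder message), and repeats the hex/base64 decoding attempt on the local part. The log format, queue id and the mailman-bounces sender are assumptions.

```python
import base64
import binascii
import re
from collections import defaultdict

# Constructed Postfix-style log lines (not from the original thread): one reminder
# picked up from the Mailman wrapper and delivered to two recipients.
SAMPLE_LOG = """\
Jun  1 05:00:01 host postfix/pickup[101]: 5A1B2C: uid=41 from=<mailman-bounces@my.real.domain>
Jun  1 05:00:01 host postfix/cleanup[102]: 5A1B2C: message-id=<mailman.1.1590987601@my.real.domain>
Jun  1 05:00:02 host postfix/smtp[103]: 5A1B2C: to=<realmember@example.net>, relay=mx.example.net[192.0.2.10]:25, status=sent (250 OK)
Jun  1 05:00:02 host postfix/smtp[103]: 5A1B2C: to=<ada3167eb87301cb4835917425f07242@libero.it>, relay=mx.libero.it[192.0.2.20]:25, status=sent (250 OK)
Jun  1 05:00:02 host postfix/qmgr[104]: 5A1B2C: removed
"""

# Matches the per-recipient delivery line: "<queue id>: to=<rcpt>, ... status=<word>"
TO_RE = re.compile(r": (?P<qid>[0-9A-F]+): to=<(?P<rcpt>[^>]+)>.*status=(?P<status>\w+)")

def deliveries_to(log_text, address):
    """Return (queue_id, status) for every delivery attempt to `address`."""
    wanted = address.lower()
    hits = []
    for line in log_text.splitlines():
        m = TO_RE.search(line)
        if m and m.group("rcpt").lower() == wanted:
            hits.append((m.group("qid"), m.group("status")))
    return hits

def corecipients(log_text, address):
    """Other recipients that shared a queue id (the same message) with `address`."""
    by_qid = defaultdict(set)
    for line in log_text.splitlines():
        m = TO_RE.search(line)
        if m:
            by_qid[m.group("qid")].add(m.group("rcpt").lower())
    qids = {q for q, _ in deliveries_to(log_text, address)}
    return sorted(r for q in qids for r in by_qid[q] if r != address.lower())

def decode_local_part(address):
    """Try the decodings Mark tried (hex, then base64); return printable ASCII or None."""
    local = address.split("@", 1)[0]
    b64 = lambda s: base64.b64decode(s + "=" * (-len(s) % 4), validate=True)
    for decoder in (bytes.fromhex, b64):
        try:
            raw = decoder(local)
        except (ValueError, binascii.Error):
            continue
        if raw and all(32 <= b < 127 for b in raw):
            return raw.decode("ascii")
    return None  # neither decoding yields readable text, i.e. "garbage"
```

On a real server, feed the function the relevant slice of /var/log/mail.log (or the journal) and compare the co-recipients against the list's actual membership.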
