Hi,
What would be the surprising effects if I subscribe a list to a list?
It's just a customer whish, and I never did it and wonder what could
happen...
--
Chef de projet chez Vectoris
http://www.google.com/search?q=mihamina+rakotomandimby
--
I have been attempting to test out the bounce processing on a test
list and am confused by the results so far. We are running Mailman
2.1.9 on RHEL, installed with the OS.
The test list (tsstst) has the following settings:
bounce_score_threshold: 1.0 (originally 5.0)
bounce_info_stale_after: 7
On the web interface, every day, the ownership for config.ock gets changed:
/var/lib/mailman/lists/MYLIST/config.pck gets set to mailman:mailman, while all
other files and fodlers remain webadmin:mailman.
The result is that if I try to use the web interface, I get:
Bug in Mailman version 2.1.1
on 1/26/09 6:09 PM, Grant Taylor said:
I meant the Return-Path with is the SMTP envelope sender.
In theory, your MTA should be putting the envelope sender address into
the "Return-Path:" header, so these two should always match.
If not, then you should talk to the vendor of your MTA softwar
on 1/26/09 6:05 PM, Grant Taylor said:
See, I believe both Lindsay's and Mark's points to be /valid/ points,
but not a fault of SPF. Rather I think they (the points) are a fault of
the way that people have come to use (read: abuse) email over the years.
This is not the place to debate the r
on 1/26/09 4:49 PM, Grant Taylor said:
I would be willing to bet that the spoofed member is really the source
of the message. I would not be at all surprised if that members
computer has malware on it that sent the email (after harvesting it from
the address book) via the default email client
Rich Winkel wrote:
>
>Her umbrella posts are moderated also, I was just hoping that approving
>a post for the umbrella would approve it for all the sublists as well.
OK. I "get it".
Here's what you could do. It's not "spoof proof", but it will
accomplish what you want I think.
Instead of puttin
Grant Taylor writes:
> About the only thing that I can think of where the From: and the
> Return-Path: might not match is a forward or some other thing like
> that. However I can't see why any one would have addresses
> forwarding in to a mailing list.
>
> Do you have such an example handy?
A low-tech fix I've used is to set "max_num_recipients" to a really
low number, like 2 or 3. Anything more than that, and the post gets
held for approval. Virtually every time I've seen a spam post that
spoofs a member's email address, it's had more than a couple of
recipients.
rac
> -- F
Rich Winkel wrote:
>
>Sorry, it's being held by the sublist. It's the only sublist of
>which the poster is a member. She's flagged for moderation on the
>sublist, but the umbrella list bounces address is listed in the
>approved sender filter for the sublist. All the other sublists
>distributed t
on 1/26/09 4:03 PM, Barry Finkel said:
We had a case last week when someone sent mail with a spoofed
"From: "
line that contained the e-mail address of the list owner. The mail
was delivered to us via a SMTP mailer of an ISP, and we have in the
mail headers the IP address of the send
Rich Winkel wrote:
>I have a sublist of an umbrella list. A message from one of the
>subscribers to the sublist is being held for moderation despite being
>approved for the umbrella list... any quick fixes?
>This is mailman-2.1.10.
Being held by which list? I am unable to understand from the ab
Mordur Ingolfsson wrote:
>Hi, thanks for your reply Mr. Sapiro. I had already tried this:
>
>
># CODE ###
>def _(s):
>return s
>
>add_language('en',_('English (USA)'), 'iso-8859-1')
>
>del _
># CODE
>
>as I had found this in some mailing list ar
Hi, thanks for your reply Mr. Sapiro. I had already tried this:
# CODE ###
def _(s):
return s
add_language('en',_('English (USA)'), 'iso-8859-1')
del _
# CODE
as I had found this in some mailing list archive. This does not seem
to work. Nei
I have a sublist of an umbrella list. A message from one of the
subscribers to the sublist is being held for moderation despite being
approved for the umbrella list... any quick fixes?
This is mailman-2.1.10.
Thanks!
Rich
--
Mailman-Users mail
On 01/26/09 17:19, Mark Sapiro wrote:
About the only things that you can "normally" expect to match are
From: and envelope sender, but even there, there will be legitimate
mail in which they won't match.
I meant the Return-Path with is the SMTP envelope sender.
About the only thing that I can
On 01/26/09 16:49, Taylor, Grant wrote:
Is there a way that we can require some of these things (if they exist)
to match each other? I.e. to require the 'from' and the 'reply-to' to
match?
Ugh! It's been a *LONG* day. "... I.e. to require the 'from' and the
'return-path' ...".
Grant. .
On 01/26/09 17:12, Mark Sapiro wrote:
Not to mention the additional problem of SPF being totally unable to
deal with .forward and the like.
See, I believe both Lindsay's and Mark's points to be /valid/ points,
but not a fault of SPF. Rather I think they (the points) are a fault of
the way th
Lindsay Haisley wrote:
>On Mon, 2009-01-26 at 14:34 -0700, Steve Lindemann wrote:
>> would mailman remove it from the header for
>> final delivery to the list members?
>
>Yes, absolutely. Not only in the text/plain part but in every part of a
>multipart message in which it occurs. Otherwise
Lindsay Haisley wrote:
>On Mon, 2009-01-26 at 16:49 -0600, Grant Taylor wrote:
>> Is there a way that we can require some of these things (if they exist)
>> to match each other? I.e. to require the 'from' and the 'reply-to' to
>> match?
>
>This might not be such a good idea. A "Reply-To" heade
Lindsay Haisley wrote:
>
>My experience with SPF is that it's not at this point widely enough
>deployed so that it can reliably be used as an accept/reject filtering
>criterion. I tried to do it at one point on my mail servers and got
>flack right away from customers who couldn't get their legitim
On Mon, 2009-01-26 at 16:54 -0600, Grant Taylor wrote:
> It will be *VERY* difficult for me to spoof an SMTP envelope sender for
> Microsoft with out SPF filters (and the likes) detecting it and acting
> accordingly.
My experience with SPF is that it's not at this point widely enough
deployed so
On Mon, 2009-01-26 at 16:49 -0600, Grant Taylor wrote:
> Is there a way that we can require some of these things (if they exist)
> to match each other? I.e. to require the 'from' and the 'reply-to' to
> match?
This might not be such a good idea. A "Reply-To" header is optional is
generally use
On 01/26/09 16:51, Lindsay Haisley wrote:
It's no more difficult to spoof the From header than it is to spoof
the envelope sender address, but at least this way, if it happens
again, you'll more easily see which header got the spam through and
not have to go digging for it.
I'll agree it's al
On 01/26/09 16:38, Lindsay Haisley wrote:
Both of these reflect the envelope sender address used in the SMTP
dialog with the mail server.
*nod*
You can restrict the set of headers used to identify subscribers
using the SENDER_HEADERS variable in mm_cfg.py, as Mark indicated.
By default (in
On 01/26/09 16:26, Steve Lindemann wrote:
Thanks! Got it! They spoofed a legitimate list member on the
Return-Path:, which also showed up on the first ("From ") message header
line. The From:, Reply-To: reflected the purported spammer and there
was no Sender: in the raw mbox file. The good n
On Mon, 2009-01-26 at 15:44 -0700, Steve Lindemann wrote:
> Thanks... I like that solution much more better 8^)
It's no more difficult to spoof the From header than it is to spoof the
envelope sender address, but at least this way, if it happens again,
you'll more easily see which header got the s
Lindsay Haisley wrote:
On Mon, 2009-01-26 at 15:26 -0700, Steve Lindemann wrote:
Thanks! Got it! They spoofed a legitimate list member on the
Return-Path:, which also showed up on the first ("From ") message header
line.
Both of these reflect the envelope sender address used in the SMTP
dial
On Mon, 2009-01-26 at 15:26 -0700, Steve Lindemann wrote:
> Thanks! Got it! They spoofed a legitimate list member on the
> Return-Path:, which also showed up on the first ("From ") message header
> line.
Both of these reflect the envelope sender address used in the SMTP
dialog with the mail ser
Mark Sapiro wrote:
Right. That's why you have to look at the raw archive mbox file (not
the html archive or the periodic .txt or .txt.gz file). That's the
only place that will have the original envelope sender in the "From "
separator and the original Sender:.
Thanks! Got it! They spoofed a l
On 01/26/09 16:16, Mark Sapiro wrote:
You can change/limit which headers are used. See SENDER_HEADERS in
Defaults.py, but as has been pointed out, in most cases, you want to
look at something to determine if a post is from a list member.
I'll take a look.
If you're suggesting there should be
On 01/26/09 15:55, Lindsay Haisley wrote:
This kind of defeats the purpose, by definition, of a non-moderated,
subscribers-only list. This would be the equivalent of setting
everyone's mod flag on, at which point it becomes a moderated list.
Either you allow subscribers to post, or you don't,
Grant Taylor wrote:
>On 01/26/09 15:26, Mark Sapiro wrote:
>> All the headers of the spam post. In a default installation, if any
>> of From:, Reply-To: or Sender: headers or the envelope sender as
>> reflected in the Unix From or Return-Path: header contains a member
>> address, the post will
On Mon, 2009-01-26 at 16:03 -0600, Barry Finkel wrote:
> We had a case last week when someone sent mail with a spoofed
>
> "From: "
>
> line that contained the e-mail address of the list owner.
Unless the list owner is also a subscriber with his/her mod flag turned
off, the fact that so
Steve Lindemann wrote:
>Mark Sapiro wrote:
>> All the headers of the spam post. In a default installation, if any of
>> From:, Reply-To: or Sender: headers or the envelope sender as
>> reflected in the Unix From or Return-Path: header contains a member
>> address, the post will be deemed from that
Steve Lindemann wrote:
>Had something strange occur early Saturday morning. A non-subscriber
>managed to successfully post to two member only lists (and, of course,
>it was spam).
>
>The bogus sender (thelevisstoreonl...@levis.rsys1.com) is not a member
>of these member only lists and is not i
On Mon, 2009-01-26 at 14:51 -0700, Steve Lindemann wrote:
> Rechecked the delivered message header and found the list bounces
> address in the Sender: and Return-Path: headers, but I thought that was
> normal on the delivered message.
It is, if you're looking at the _distributed_ post. This is
Mark Sapiro wrote:
Steve Lindemann wrote:
Lindsay Haisley wrote:
Is it possible that the list mod or admin password got out? I believe
than anyone can post to a moderated list by putting an "Approved:
" header or pseudo-header in a post.
>>
I'm on one of the lists that accepted the message (w
On Mon, 2009-01-26 at 15:44 -0600, Grant Taylor wrote:
> On 01/26/09 15:26, Mark Sapiro wrote:
> > All the headers of the spam post. In a default installation, if any
> > of From:, Reply-To: or Sender: headers or the envelope sender as
> > reflected in the Unix From or Return-Path: header contain
Mark Sapiro wrote:
All the headers of the spam post. In a default installation, if any of
From:, Reply-To: or Sender: headers or the envelope sender as
reflected in the Unix From or Return-Path: header contains a member
address, the post will be deemed from that member.
Find the spam posts in ar
On 01/26/09 15:26, Mark Sapiro wrote:
All the headers of the spam post. In a default installation, if any
of From:, Reply-To: or Sender: headers or the envelope sender as
reflected in the Unix From or Return-Path: header contains a member
address, the post will be deemed from that member.
Can
On Mon, 2009-01-26 at 13:26 -0800, Mark Sapiro wrote:
> If that isn't the answer, then it is possible that, as Lindsay
> suggests, the post contained an Approved: header with the list admin
> or moderator password.
Mark's answer is probably more likely than mine. I was in the process
of reading M
Steve Lindemann wrote:
>Lindsay Haisley wrote:
>> Is it possible that the list mod or admin password got out? I believe
>> than anyone can post to a moderated list by putting an "Approved:
>> " header or pseudo-header in a post.
>
>I'm on one of the lists that accepted the message (which is how i
On Mon, 2009-01-26 at 14:34 -0700, Steve Lindemann wrote:
> Lindsay Haisley wrote:
> > Is it possible that the list mod or admin password got out? I believe
> > than anyone can post to a moderated list by putting an "Approved:
> > " header or pseudo-header in a post.
>
> I'm on one of the lists t
Lindsay Haisley wrote:
Is it possible that the list mod or admin password got out? I believe
than anyone can post to a moderated list by putting an "Approved:
" header or pseudo-header in a post.
I'm on one of the lists that accepted the message (which is how it came
to my attention) and I ju
Steve Lindemann wrote:
>Had something strange occur early Saturday morning. A non-subscriber
>managed to successfully post to two member only lists (and, of course,
>it was spam).
>
>The bogus sender (thelevisstoreonl...@levis.rsys1.com) is not a member
>of these member only lists and is not i
Is it possible that the list mod or admin password got out? I believe
than anyone can post to a moderated list by putting an "Approved:
" header or pseudo-header in a post.
On Mon, 2009-01-26 at 13:40 -0700, Steve Lindemann wrote:
> Had something strange occur early Saturday morning. A non-subsc
Had something strange occur early Saturday morning. A non-subscriber
managed to successfully post to two member only lists (and, of course,
it was spam).
The bogus sender (thelevisstoreonl...@levis.rsys1.com) is not a member
of these member only lists and is not in the accept_these_nonmembers
48 matches
Mail list logo
