Steven Noels wrote:

On 03 Mar 2004, at 17:23, Brian Behlendorf wrote:

On Wed, 3 Mar 2004, Sam Ruby wrote:

Neither. This email contained:

Return-Path: <[EMAIL PROTECTED]>
From: [EMAIL PROTECTED]

... neither of which is subscribed to [EMAIL PROTECTED]

From what I have read, ezmlm uses a separate SMTP 'SENDER' field, which
isn't retained in the archive.  My bets are that this field contained
the value [EMAIL PROTECTED]


No.  Return-Path does capture the email address used by ezmlm to figure
out if and when to send. As it turns out, "[EMAIL PROTECTED]" is able
to post as he's in the "allow" database for that list.


That's what I was afraid of, since I happened to know Andrew uses *both* addresses (or has been using them), at the very least in private mails sent to me.

How can we defend ourselves from bots spamming the lists using subscribed or allowed addresses...?

the only way is to require everybody to sign their email. But enforcing this would be a serious PITA.

Or do we need to actively monitor/clean up stale entries in the allow list?

this doesn't really reduce the problem.

--
Stefano.


Attachment: smime.p7s
Description: S/MIME Cryptographic Signature
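
A simplified model of the sender-address gate discussed in this thread, added here as an example (it is not ezmlm's code and not from any participant); the addresses, list contents and the `audit` function are constructed for illustration. It shows that the accept decision rests only on the unauthenticated envelope sender recorded in Return-Path, and reports what the gate never looks at: the header From and whether the message carries a signature part.

```python
from email import message_from_string
from email.utils import parseaddr

# Constructed sample data: hypothetical addresses and list contents.
SUBSCRIBERS = {"alice@example.org"}
ALLOW = {"andrew@old-isp.example"}   # stale entry: may post, is not subscribed

SAMPLE = """\
Return-Path: <andrew@old-isp.example>
From: Andrew <andrew@new-job.example>
Subject: hello

body
"""


def _addr(value):
    """Return the bare, lower-cased address from a header value ('' if absent)."""
    return parseaddr(value or "")[1].lower()


def audit(raw, subscribers=SUBSCRIBERS, allow=ALLOW):
    """Apply an envelope-sender gate to one archived message and report the gaps."""
    msg = message_from_string(raw)
    envelope = _addr(msg["Return-Path"])   # the only input to the accept decision
    header_from = _addr(msg["From"])       # what readers see; never checked
    if envelope in subscribers:
        matched = "subscriber"
    elif envelope in allow:
        matched = "allow"
    else:
        matched = None
    return {
        "accepted": matched is not None,
        "matched": matched,
        "from_differs": header_from != envelope,
        "from_on_lists": header_from in (subscribers | allow),
        # multipart/signed covers S/MIME and PGP/MIME detached signatures.
        # Presence only: this does not verify the signature.
        "signed": msg.get_content_type() == "multipart/signed",
    }


if __name__ == "__main__":
    print(audit(SAMPLE))
```
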
