Franck Martin writes: > You can also apply this patch: > > http://bazaar.launchpad.net/~mlm-author/mailman/2.1-author/revision/1341?remember=1338&compare_revid=1338 > > Rather than injecting an invalid domain in the From: and weakening > more the security of email...
If your *primary* concern is preserving the integrity of the email system, the right thing to do is go straight to Privacy | SPAM Filters and add "[.@]aol\.com$" and "[.@]yahoo\.com$" with a HOLD action (can't "reject", unfortunately, because as far as I know significant amounts of spam etc still originate from those domains). Then reject genuine posts and discard spam. This is completely in accord with the "p=reject" policies published by those domains, which not only will result in rejection by most ESPs, but also threaten denial of service to other subscribers. If their users have a complaint about nondelivery, they should make it to their ESPs which publish p=reject. For "security" of email, the right thing to do is to use DKIM and/or strongly encourage your users to use personal digital signatures, and allow recipients to use that information to secure themselves. In my experience GMail does a very good job -- I don't get spam and I don't lose authentic mail as far as I can tell. I don't know what others think. I do know GMail is the haven chosen by all of the people I know who've chosen to leave Yahoo! and AOL recently. Regards, _______________________________________________ Mailman-Developers mailing list [email protected] https://mail.python.org/mailman/listinfo/mailman-developers Mailman FAQ: http://wiki.list.org/x/AgA3 Searchable Archives: http://www.mail-archive.com/mailman-developers%40python.org/ Unsubscribe: https://mail.python.org/mailman/options/mailman-developers/archive%40jab.org Security Policy: http://wiki.list.org/x/QIA9
