>>>>> "Mike" == Mike Avery <[EMAIL PROTECTED]> writes:
Mike> Looking at the archives to the mailing list, I've seen that Mike> different people have had this problem since 2003 in one Mike> form or another. Actually, not. (See below.) Mike> Still, it seems Mailman should be able to handle the illegal Mike> data a bit more elegantly.... what's the old system designer Mike> mantra, "Never test for an error condition you don't know Mike> how to handle"? The error condition being tested for is "all other errors", and we know how to handle those ... "preserve the post, log the condition, and let someone burn real neurons figuring it out." Although I'm not a Mailman developer, I do know a little about I18N, and it seems to me from a brief look at the code that the problem is that there are a number of different ways that such data can leak out to where it needs to get processed, and the process has been to fix them in place as they are identified. (I've seen two or three of these bugs fixed in the last year, I suspect your spammers have found Yet Another Path to the error handler.) What really needs to be done for Mailman 2.1 is a complete audit of all the places where headers are accessed, but you know how expensive that is. For Mailman 3, what probably should be done is to rip out all of the current just-in-time I18N processing of headers, and preprocess every header, tagging them with their charsets. Binary headers would be tagged as "bogus" rather than "binary." Now if I could just beg, borrow, or steal a few "round tuits".... -- School of Systems and Information Engineering http://turnbull.sk.tsukuba.ac.jp University of Tsukuba Tennodai 1-1-1 Tsukuba 305-8573 JAPAN Ask not how you can "do" free software business; ask what your business can "do for" free software. ------------------------------------------------------ Mailman-Users mailing list Mailman-Users@python.org http://mail.python.org/mailman/listinfo/mailman-users Mailman FAQ: http://www.python.org/cgi-bin/faqw-mm.py Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/ Unsubscribe: http://mail.python.org/mailman/options/mailman-users/archive%40jab.org Security Policy: http://www.python.org/cgi-bin/faqw-mm.py?req=show&file=faq01.027.htp