Hi All,
I've been away from this list for a while, so the question may have already been asked (and answered). Is there a security hole in Mailman? Here's what I mean. I'm running several servers, all running mailman. *None* of my lists are displayed publicly when you view the mailman/listinfo page. When-ever I use a non-mailman email address on one of my web pages, I always 'munge' it using a java script. Lately I've been bombarded by 100's of spam e-mail messages, but *only to my Mailman lists*. My non-mailman e-mail address (which are munged with java), are never hit. How are the evil spammers harvesting my list names when they aren't on the 'listinfo' page? And, more importantly, is there a way to prevent it? (BTW, I'm also using SPAM ASSASSIN and a lot of these SPAM messages still get through.) Thanks! Jon ------------------------------------------------------ Mailman-Users mailing list Mailman-Users@python.org http://mail.python.org/mailman/listinfo/mailman-users Mailman FAQ: http://www.python.org/cgi-bin/faqw-mm.py Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/ Unsubscribe: http://mail.python.org/mailman/options/mailman-users/archive%40jab.org Security Policy: http://www.python.org/cgi-bin/faqw-mm.py?req=show&file=faq01.027.htp
