Robert Boyd Skipper wrote: > >Thank you for this information. The headers don't seem to be the problem, as >they >contain non-member emails. I don't have direct access to the mm_cfg.py file, >and I >can't find a user_envelope_sender in the web-based administration pages. So I >haven't >checked into that.
Here's something you can try. Since you don't have access to mm_cfg.py, I assume you don't have direct access to archives/private/listname.mbox/listname.mbox either, but you can get it from the web (if it's not too humongous) with a URL like <http://www.example.com/mailman/private/listname.mbox/listname.mbox>. If you find the message(s) there, the initial "From " line and the Return-Path:, if any, have the envelope sender. Then, the Reply-To: and Sender: if any will be as in the original post, assuming your list isn't anonymous and doesn't mung the Reply-To: >However, I do have one more fact that may be relevant. I just received >another spam >posting that got through. It and the previous one both have emails that begin >with an >underscore: [EMAIL PROTECTED] and [EMAIL PROTECTED] >So, as a possible quick fix, I've set the Spam filter rule 1 to the following > >from: [EMAIL PROTECTED] > >Maybe this will work? It should, assuming there's no 'real name' between From: and the address and the address isn't in <>. I woul be inclined to try something along the lines of ^from:.*[ <]_[^<> [EMAIL PROTECTED] If you give this rule a Hold action, then you can see the original held message with the original incoming headers intact. You will even see the presence of an Approved: header or body line if any, although this isn't likely to be the reason the message gets through as it requires the list's admin or moderator password. -- Mark Sapiro <[EMAIL PROTECTED]> The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan ------------------------------------------------------ Mailman-Users mailing list [email protected] http://mail.python.org/mailman/listinfo/mailman-users Mailman FAQ: http://www.python.org/cgi-bin/faqw-mm.py Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/ Unsubscribe: http://mail.python.org/mailman/options/mailman-users/archive%40jab.org Security Policy: http://www.python.org/cgi-bin/faqw-mm.py?req=show&file=faq01.027.htp
