Mark Sapiro wrote:
Martin Evans wrote:
Mark Sapiro wrote:
If I understand correctly what you are saying, spam is being sent to
the list-request address with a From: header containing an innocent
3rd party address. The response from Mailman, which contains the
original message, is sent to the innocent 3rd party.
Actually that is not the case. It appears spam is sent to the request
address and it ends up being sent to an innocent 3rd party without any
mailman text at all. It is difficult for me to diagnose this as my mail
server has been blacklisted by so many places I've had to disable
mailmain completely. I saw lots of emails coming in to the request
address and caught some of the identical emails stuck on my outgoing
mail queue due to failure to send. What happened in between I cannot say
right now.
Do your MTA logs or the outgoing queue entries give any clues. I'd be
interested in the timing of the messages to the -request address
relative to the outgoing messages, and the envelope sender of the
outgoing messages.
I don't know of any way that Mailman would resend a message from the
-request address without Mailman added text.
Sorry, I was mistaken, there is a little mailman text in the message -
we were spamming so much I got lost in all the messages. What follows is
what I copied off the mail queue at the time:
--===============1172181569==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
The results of your email command are provided below. Attached is your
original message.
- Unprocessed:
Viagrapills Cialix Pills FemaleViagra Phentrimine
PenisGrowth Pack SQMA Tramadol Levitr & 410
more meds to choose From Please get your Free 4 - 12 ViagraPills from
us http://kciu.pclinx.cn
- Done.
--===============1172181569==
Content-Type: message/rfc822
MIME-Version: 1.0
Received: from vlxqyggr (bd223d4f.virtua.com.br [189.34.61.79] (may be
forged))
by xxxx.xxxxxxxx.com (8.14.0/8.14.0) with SMTP id m8EEbNYe015008;
Sun, 14 Sep 2008 15:37:32 +0100
To: <[EMAIL PROTECTED]>
Subject: 82%-92% Off Price!! ViagraPills $1.40/pill, Cialix
Pills$2.21/pill,
super LowPrice just for You tyjlt 2v4
X-Sender: <[EMAIL PROTECTED]>
Sender: <[EMAIL PROTECTED]>
From: "xxxxx xxxxx" <[EMAIL PROTECTED]>
Reply-To: "xxxxx xxxxx" <[EMAIL PROTECTED]>
Message-ID: <[EMAIL PROTECTED]>
Date: Sun, 14 Sep 2008 07:18:39 -0700
Content-Type: text/plain;
charset="iso-8859-2"
Content-Transfer-Encoding: 8bit
We Give You FreeViagraPills (Free 4 - 12 pills With any Order)
Viagrapills Cialix Pills FemaleViagra Phentrimine
PenisGrowth Pack SQMA Tramadol Levitr & 410 more meds to
choose From
Please get your Free 4 - 12 ViagraPills from us
http://kciu.pclinx.cn
--===============1172181569==--
So it appears it was handled as an unprocessed command.
I don't really want to start mailman up again as we cannot
afford to be black listed since we do most of our business online and
after a weekend of not spamming people we may get off some of the black
lists.
Current Mailman through 2.1.11 will behave the same. These issues will
be addressed in 2.2.
In the mean time, the best solution is effective spam filtering ahead
of Mailman. Barring that, you can disable the -request and perhaps
other support addresses and force everyone to use the web for
subscribing, confirming, etc.
That is a reasonable alternative I'll look in to.
Also, see the FAQ at <http://wiki.list.org/x/NQAy>.
Thank you and sorry for the mistake suggesting there was no mailman text
in the replies.
Martin
------------------------------------------------------
Mailman-Users mailing list
[email protected]
http://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://wiki.list.org/x/AgA3
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe:
http://mail.python.org/mailman/options/mailman-users/archive%40jab.org
Security Policy: http://wiki.list.org/x/QIA9
