Is it possible that the list mod or admin password got out? I believe than anyone can post to a moderated list by putting an "Approved: <password>" header or pseudo-header in a post.
On Mon, 2009-01-26 at 13:40 -0700, Steve Lindemann wrote: > Had something strange occur early Saturday morning. A non-subscriber > managed to successfully post to two member only lists (and, of course, > it was spam). > > The bogus sender (thelevisstoreonl...@levis.rsys1.com) is not a member > of these member only lists and is not in the accept_these_nonmembers > filter. Other non-member posts are being caught and sent to moderation. > Is there something else that I should be looking at? > > I checked the logs and the sender sent to 5 of our hosted lists. They > were caught (per the vette log) by 3 of those lists as a non-member, but > posted successfully to the other 2 lists (per smtp and post logs). > > I've checked the docs and faqs and haven't found a reference for > something like this. I've checked all the logs and the configs (via the > web interface) on the two lists that posted allowed the post. I can't > find any reason for it and have to wonder if I'm checking everything. > I've looked thru everything that makes sense and much that doesn't. If > I had hair I'd be pulling it out! -- Lindsay Haisley | "In an open world, | PGP public key FMP Computer Services | who needs Windows | available at 512-259-1190 | or Gates" | http://pubkeys.fmp.com http://www.fmp.com | | ------------------------------------------------------ Mailman-Users mailing list Mailman-Users@python.org http://mail.python.org/mailman/listinfo/mailman-users Mailman FAQ: http://wiki.list.org/x/AgA3 Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/ Unsubscribe: http://mail.python.org/mailman/options/mailman-users/archive%40jab.org Security Policy: http://wiki.list.org/x/QIA9