On Mon, 2009-01-26 at 13:26 -0800, Mark Sapiro wrote: > If that isn't the answer, then it is possible that, as Lindsay > suggests, the post contained an Approved: header with the list admin > or moderator password.
Mark's answer is probably more likely than mine. I was in the process of reading Mailman code to see exactly which headers are examined for the subscribed member address, and Mark, who probably has the code committed to memory :-) beat me to the punch. Spammers play fast and lose with addresses. It's very possible that one of your subscribers has a virally infected box which harvests email addresses on inbound email and sends them on to collection points. It's also conceivable that, given that we know that this happens regularly, there are viral engines out there, or spamming engines, that specialize in spoofing Mailman lists. Some of the stuff I see coming in that gets shoved into moderation _looks_ as if people are trying to figure out how to game the list. -- Lindsay Haisley | "The difference between | PGP public key FMP Computer Services | a duck is because one | available at 512-259-1190 | leg is both the same" | http://pubkeys.fmp.com http://www.fmp.com | - Anonymous | ------------------------------------------------------ Mailman-Users mailing list Mailman-Users@python.org http://mail.python.org/mailman/listinfo/mailman-users Mailman FAQ: http://wiki.list.org/x/AgA3 Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/ Unsubscribe: http://mail.python.org/mailman/options/mailman-users/archive%40jab.org Security Policy: http://wiki.list.org/x/QIA9