In addition to the earlier suggestions: 1. Turn on content filtering -- the default settings should remove most if not all dangerous attachments.
2. Under general settings, set the maximum message size as small as possible. This not only blocks a lot of viruses but on a discussion list it prevents people from quoting an entire digest when replaying. But for broadcast lists, the suggestion about moderating everybody should do the trick. I just keep emergency moderation (also on general options page) on at all times for those lists. rac > ---------- Forwarded message ---------- > From: Rob MacGregor <rob.macgre...@gmail.com> > To: mailman-users@python.org > Date: Wed, 27 May 2009 19:41:15 +0100 > Subject: Re: [Mailman-Users] my mailman has been hacked !! > On Wed, May 27, 2009 at 19:23, Khalil Abbas <khillo...@hotmail.com> wrote: > > > > HELP!! > > > > one of my lists has been hacked.. all members are moderated, except my > own email address (m...@email.com) which I use to post to the list .. > > > > someone sent from my address to the list and all my subscribers has > recieved a damn virus as an attachment!! but the 'From' name is not me, > which means that the sender didn't use my email to send but used a kind of > open-relayed server or something .. > > > > please help what should I do ??? > > Look at the headers and work out what really happened. > > Forging email addresses is trivial. It is the work of a few seconds > to send an email with somebody else's email address. You can mitigate > somewhat by using SPF and DKIM, but it does require that everybody > checks your SPF and DKIM records - not everybody does. > > -- > Please keep list traffic on the list. > > Rob MacGregor > Whoever fights monsters should see to it that in the process he > doesn't become a monster. Friedrich Nietzsche > > > ------------------------------------------------------ Mailman-Users mailing list Mailman-Users@python.org http://mail.python.org/mailman/listinfo/mailman-users Mailman FAQ: http://wiki.list.org/x/AgA3 Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/ Unsubscribe: http://mail.python.org/mailman/options/mailman-users/archive%40jab.org Security Policy: http://wiki.list.org/x/QIA9