I've been running lists for years, and the filtering has been pretty good at blocking posts from non-members. But recently, there have been some leaks, allowing non-member spammers to slip a message onto the list. The first time this happened, it turned out to be due to non-alphanumeric characters at the beginning of email addresses in the From: field. So, I made a regex filter that put a stop to that. But now, it has happened again, and I can't see anything unusual about the emails. Has anyone else noticed this happening? One of those emails that say "Can't see images? Click here!" got through. The subject line reads, "[test] Dear t...@mydomain.org Shopping just got a lot easier!" (I've substituted dummy names for real ones.) Where you see four spaces in the Subject line, there instead appeared a small circle. The From: field had the name "Doctor Joe Smith," but on mouseover, it said "t...@mydomain.org." Now I've had many hundreds of emails that spoofed the name of my list in the past. And the program always caught them. This one got through. Doctor Joe Smith is not a subscriber and his name does not appear in any of the non-member filters. I've blocked anything that claims to come from "te...@.*" and that seems to have stopped it, but I don't think the spoofing explains the problem, since mailman had previously blocked about ten posts per day that spoofed the listname. It could be that I've never seen the combination of a person's name and the listname in the From: field. I just don't remember. Any thought? I saved the email.
Skipper
------------------------------------------------------ Mailman-Users mailing list Mailman-Users@python.org http://mail.python.org/mailman/listinfo/mailman-users Mailman FAQ: http://wiki.list.org/x/AgA3 Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/ Unsubscribe: http://mail.python.org/mailman/options/mailman-users/archive%40jab.org Security Policy: http://wiki.list.org/x/QIA9
