On one of my lists I'm seeing some spam from non-subscribers getting
through. It appears that the trick is to put a subscriber's address in the
"real name" of the sender. E.g., this got through, without being held for
moderation, on a list with generic_nonmember_action = discard (emails of
the innocent obfuscated):

*From:* "[email protected] <[email protected]>" <[email protected]>
*Date:* July 18, 2018 at 5:27:24 PM CDT
*To:* <[email protected] <[email protected]>>
*Subject:* *[OSG-l] No. PL-01-17923 AIC Objects Specialty Group Discussion*
*Reply-To:* My List's Name <[email protected] <[email protected]>>


Account Summary:
---------------------------
Invoice No: No. PL-01-17923
Billing Date: Jul 19, 2018
Due Date: Jul 22, 2018
Amount Due: 1,047.48
Download DOC:

etc. (I'm avoiding sharing the links that follow). [email protected] IS a
subscriber on the list. However [email protected] is not. Yet this
message went straight through, as if it had been sent by a subscriber.

I've looked at the archives of mailman-users and it looks like--from a very
old discussion--that

a) this cheap trick should not be sufficient to allow the message through
b) the content of the message as delivered to the list may not reflect the
exact contents/metadata of the message as it was sent.

Still, I don't really know what else could be going on here, or how to
investigate. Suggestions?

Thanks!
Matt
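
One way to investigate a held copy of such a message, as an added example that is not part of the original post: the Python sketch below separates the real addr-spec of each sender header from any address that appears only inside a display name, and compares both against the subscriber roster. The sample message, the addresses, the roster and the choice of headers (including the assumption that `Return-Path` carries the envelope sender) are constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import getaddresses

# Constructed sample message; every address is a placeholder.
SAMPLE = (
    'Return-Path: <outsider@spam.example>\n'
    'From: "member@list.example <member@list.example>" <outsider@spam.example>\n'
    'To: <osg-l@list.example>\n'
    'Subject: No. PL-01-17923\n'
    '\n'
    'Account Summary:\n'
)
MEMBERS = {"member@list.example"}  # hypothetical subscriber roster

# Loose pattern for spotting an address embedded in a display name.
ADDR_RE = re.compile(r"[\w.+-]+@[\w-]+(?:\.[\w-]+)+")
# Assumption: these are the headers worth comparing against the roster.
CHECKED_HEADERS = ("From", "Sender", "Reply-To", "Return-Path")


def analyze_senders(raw, members):
    """Split real addr-specs from addresses that only appear in display names."""
    msg = message_from_string(raw)
    real, in_display = set(), set()
    for header in CHECKED_HEADERS:
        # getaddresses returns (display name, addr-spec) pairs.
        for name, addr in getaddresses(msg.get_all(header, [])):
            if addr:
                real.add(addr.lower())
            in_display.update(a.lower() for a in ADDR_RE.findall(name))
    decoys = in_display - real  # shown to the reader, never a real sender
    return {
        "real_senders": sorted(real),
        "members_by_address": sorted(members & real),
        "decoy_members": sorted(members & decoys),
        "suspicious": bool(decoys),
    }


if __name__ == "__main__":
    for key, value in analyze_senders(SAMPLE, MEMBERS).items():
        print(f"{key}: {value}")
```

If `members_by_address` is empty for the message as it arrived, the display name alone did not make the sender a member, and the copy to examine is the raw message with its original headers and envelope sender rather than the version the list delivered.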
------------------------------------------------------
Mailman-Users mailing list [email protected]
https://mail.python.org/mailman/listinfo/mailman-users