GNU Mailman

Spam from non-subscriber sent to subscribers-only list

Bug #1203547 reported by Andreas Klöckner
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
GNU Mailman
Invalid
Undecided
Unassigned

Bug Description

Hi there,

A list that I run [1] just picked up some spam [2,3,4] sent from an address that is not subscribed. The list has generic_nonmember_action set to Reject, and I just tried sending email to the list from a non-subscribed address (which is rejected as expected). Now I'm wondering how the spammer was able to get his messages onto the list. Any help in troubleshooting this would be much appreciated. The offending email's headers are below.

Thanks,
Andreas

[1] http://lists.tiker.net/listinfo/pyopencl
[2] http://lists.tiker.net/pipermail/pyopencl/2013-July/001545.html
[3] http://lists.tiker.net/pipermail/pyopencl/2013-July/001532.html
[4] http://lists.tiker.net/pipermail/pyopencl/2013-July/001546.html

Return-path: <email address hidden>
X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on coyote.tiker.net
X-Spam-Level: *
X-Spam-Status: No, score=1.3 required=5.0 tests=BAYES_00,DKIM_SIGNED,
 DNS_FROM_AHBL_RHSBL,HTML_MESSAGE,MIME_HTML_MOSTLY,SPF_PASS,T_DKIM_INVALID,
 T_KHOP_FOREIGN_CLICK autolearn=no version=3.3.2
Envelope-to: <email address hidden>
Delivery-date: Sun, 21 Jul 2013 11:12:35 -0500
Received: from localhost ([127.0.0.1] helo=coyote.tiker.net)
 by coyote.tiker.net with esmtp (Exim 4.80)
 (envelope-from <email address hidden>)
 id 1V0wFL-0000PF-HM; Sun, 21 Jul 2013 11:12:31 -0500
Received: from cluster2038.monopost.com ([159.253.180.149])
 by coyote.tiker.net with esmtp (Exim 4.80)
 (envelope-from <email address hidden>) id 1V0wFJ-0000Nd-Bd
 for <email address hidden>; Sun, 21 Jul 2013 11:12:29 -0500
Received: from scripts49.ulan (scripts49.ulan [10.20.55.50])
 by cluster2038.monopost.com (Postfix) with SMTP id 7051C8E607A
 for <email address hidden>; Sun, 21 Jul 2013 15:57:31 +0000 (UTC)
X-DomainKeys: Sendmail DomainKeys Filter v1.0.2 cluster2038.monopost.com
 7051C8E607A
DomainKey-Signature: a=rsa-sha1; s=m23uiy45; d=badoo.com; c=nofws; q=dns;
 b=s+YeqnrgY8l4aSwRrPg1uqCqMQXY1vH0B9jMQo5U20zrEeDlcGkYAWAryjDhh/SpS
 nG54ON79cgeYHN4eprpTQNXzv0LJz1SsD2zjAs+VSGLJk0MmnGVlVmirhvXFxNSgrYF
 D1VLKDtV+TMUnkJ37iQIjH8IzHt5oH52/is3MEY=
X-DKIM: Sendmail DKIM Filter v2.7.2 cluster2038.monopost.com 7051C8E607A
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=badoo.com;
 s=m23uiy45; t=1374422251; bh=Lvyl31VRQ6HB8364CS5V4EDVhd8cUnbgfU2iU0
 v7ths=; h=Date:To:MIME-Version:List-Unsubscribe:Content-Type:From:
 Reply-to:Subject; b=WGzIVe65oNGTKQ0jhGTNQLUvMB67cDPR/Y44RBllM/0tkK
 F1lRghwY1omb24ml3mROx6BvLO3pPELtL7s7xZ9rR78CXTJbqp5xCESnZTPp7Tjth6+
 gGuYP0u+uPN9HoNT/jxf0N2mhub7cWqMylwXybSv2zp9/qWHKOaQJ4662U=
Received: by scripts49.ulan (sSMTP sendmail emulation);
 Sun, 21 Jul 2013 15:57:31 +0000
Date: Sun, 21 Jul 2013 15:57:31 +0000
To: <email address hidden>
MIME-Version: 1.0
X-campaignid: badoo 007.29.1.210713155730
From: Badoo <email address hidden>
Subject: [PyOpenCL] =?utf-8?q?=E2=98=85_Pyopencl=2C_Rene_Bon_Ciric_te_ha_d?=
 =?utf-8?q?ejado_un_mensaje?=
X-BeenThere: <email address hidden>
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: <email address hidden>
List-Id: Development and Support List for PyOpenCL <pyopencl.tiker.net>
List-Unsubscribe: <http://lists.tiker.net/options/pyopencl>,
 <mailto:<email address hidden>?subject=unsubscribe>
List-Archive: <http://lists.tiker.net/pipermail/pyopencl/>
List-Post: <mailto:<email address hidden>>
List-Help: <mailto:<email address hidden>?subject=help>
List-Subscribe: <http://lists.tiker.net/listinfo/pyopencl>,
 <mailto:<email address hidden>?subject=subscribe>
Content-Type: multipart/mixed; boundary="===============1876104296=="
Errors-To: <email address hidden>
Sender: "PyOpenCL" <email address hidden>
Message-Id: <email address hidden>

Revision history for this message
Andreas Klöckner (inform) wrote :

Never mind. <email address hidden> is subscribed.

Revision history for this message
Andreas Klöckner (inform) wrote :

Sorry for the noise.

Changed in mailman:
status: New → Invalid
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.