On Sat, 31 Jan 2004 01:21:30 -0500, Gene C. wrote:
The Red Hat mailing lists have always been pretty good about filering out spam and viruses. However, this MyDoom thing looking like it is sneaking through. looking at the message headers, it appears to me that Red Hat external sendmail may be set up to accept mail from the outside without filtering if it is from a valid @redhat.com user.
Nah, I could post to the list using your name and e-mail address any time I wish, because your e-mail address is subscribed (!), and hence messages sent to the list, which appear as coming from a valid subscriber, are accepted and delivered to the other subscribers.
There's nothing trivial that can be done about it. With a clever mailing-list interface, subscribers could post to the list only with password authentication. Even a web interface where they would need to approve their own postings, would suffice. :o)