On Sat, 31 Jan 2004 01:21:30 -0500, Gene C. wrote:
The Red Hat mailing lists have always been pretty good about filering
out spam
and viruses. However, this MyDoom thing looking like it is sneaking through.
looking at the message headers, it appears to me that Red Hat external
sendmail may be set up to accept mail from the outside without filtering if
it is from a valid @redhat.com user.
Nah, I could post to the list using your name and e-mail address any time
I wish, because your e-mail address is subscribed (!), and hence messages
sent to the list, which appear as coming from a valid subscriber, are
accepted and delivered to the other subscribers.
There's nothing trivial that can be done about it. With a clever
mailing-list interface, subscribers could post to the list only with
password authentication. Even a web interface where they would need to
approve their own postings, would suffice. :o)
--