At 10:29 01/28/2004 Wednesday, Brian Stoughton wrote:
>Hi all.
>
>I'm seeing an issue where virus emails (subject line "Hi" etc...) are being
>sent to some of our lists. These lists are restricted so that only editors
>or owners may send to the list, and they also require confirmation. The
>owners/editors are claiming that they have not received requests for
>confirmation, and I don't see any evidence in the listserv logs that show
>otherwise. Any ideas?
As far as I have experienced:
1) spoofed FROM: field (appearing to come from a list or moderator)
bounces from some third-party and then the person receiving the bounce
thinks it was distributed via the list
2) the Approved-By: RFC822 [?] seems to be the "first" check in bypassing
moderation :-( and a faulty receiver MUA that reflects back to the list
will wreak havoc.