At 10:29 01/28/2004 Wednesday, Brian Stoughton wrote: >Hi all. > >I'm seeing an issue where virus emails (subject line "Hi" etc...) are being >sent to some of our lists. These lists are restricted so that only editors >or owners may send to the list, and they also require confirmation. The >owners/editors are claiming that they have not received requests for >confirmation, and I don't see any evidence in the listserv logs that show >otherwise. Any ideas? As far as I have experienced: 1) spoofed FROM: field (appearing to come from a list or moderator) bounces from some third-party and then the person receiving the bounce thinks it was distributed via the list 2) the Approved-By: RFC822 [?] seems to be the "first" check in bypassing moderation :-( and a faulty receiver MUA that reflects back to the list will wreak havoc.