Let me add that most configurations of sendmail do *not* record
envelope information in headers. You should know what your system
does. Sendmail V8 does by default but it also changeable.
In any case you are still vulnernable someone guessing the name of
your real outgoing list. I suspect most majordomo servers are setup
following the examples. This means most outgoing lists are named
If you have private lists you can use "obscure" names for
the outgoing lists and just make sure that sendmail doesn't
I suspect that the best longterm fix is for majordomo
to open port 25 to some machine and send mail that way.