Great Circle Associates Majordomo-Users
(February 2000) 		 
Indexed By Date: [Previous] [Next] Indexed By Thread: [Previous] [Next]
Subject: Fwd:
From: Shauna Swenson <shauna_swenson @ yahoo . com>
Date: Wed, 9 Feb 2000 10:18:59 -0800 (PST)
To: majordomo-users @ greatcircle . com 
Hi!

I'm not sure if this question is appropriate for this
list. If not, I would appreciate it if you would guide
me in the right direction.

I've got a moderated listserv. Someone sent
unsolicited mail to the list, set the list owner as
the sender, and bypassed the approval.

How do I prevent this from happening again?

Here's what I found in the mail log: 
==
Feb  8 16:49:03 <host> sendmail[17732]: QAA17732:
Authentication-Warning: <host.domain>: majordom set
sender to owner-majordomo using -f
--

According to the sendmail man page, only a trusted
user (normally root, daemon, and network) can use the
"-f" option in that manner.

The user majordom has a UID of 43 and a GID of 41
which is not the same as root's or daemon's. "network"
is not in the passwd file.

I would appreciate all the information you can
provide. Thank you.
__________________________________________________
Do You Yahoo!?
Talk to your friends online with Yahoo! Messenger.
http://im.yahoo.com
Follow-Ups:
  • Re: Fwd:
    From: Jeff Lasman <jblists@nobaloney.net>
  • Re: Fwd:
    From: Bob <mirader@zoso.net>
Indexed By Date Previous: Re: statistique usage report of mailing list
From: David Gibbs <david@midrange.com>
Next: Re: Pricing for hosting lists
From: "Bill Casti (System Admin)" <help@quality.org>
Indexed By Thread Previous: RE: MAJORDOMO ABORT (mj_resend)
From: Pete Norton <pete.norton@orenco.com>
Next: Re: Fwd:
From: Bob <mirader@zoso.net>
Google
 
Search Internet Search www.greatcircle.com