Fair warning: This post is pretty darn technical and is of little interest to people who don’t muck around with Linux and/or mail servers.
Recently I had a problem with someone on a midrange.com mailing list where they sent obvious spam.
The problem was, they were a subscriber to the list and had posted before … so the normal counter measures for that didn’t work (the first post for all subscribers are held until approved, to prevent people from subscribing, posting spam, and unsubscribing).
The puzzling thing about this was … the ‘from address’ on the message was not in the subscriber list.
Turns out that Mailman will accept message based on the FROM address of the message or the SENDER address (also known as the envelope-from). The sender addressed is set by the sending mail server and is not normally in the body of the message.
After a bit of digging around, I figured out a way to add this information to the message headers so I can more easily diagnose the problem in the future.