The latest wave of worm laden mail that spoofs addresses managed to catch a jericho@ -> dataloss@ trust relationship which let an attachment go out to the list. This happened a few years back on ISN and we have removed all list addresses from being able to post w/o approval.