This page: http://www.erlang.org/cgi-bin/ezmlm-cgi/4/11899 has an embedded not-escaped OBJECT. http://yandex.ru/ has already listed erlang.org as a dangereous site, maybe google will soon do the same. I think it would be great to fix mailman to escape user messages.