A spambot sent a message to the list earlier today.
Before asking hundreds of people whether they got it, check the archives.
Go to https://www.phys-l.org/archives/ and click on current month.
If the message is in the archives, it got sent to the list.
Better yet, look at the From: address. If it says something like
From: "Phys-l" <jbgood@otenet.gr>
then you know it's a clumsy forgery.
For one thing, if you ever got legitimate mail from somebody named
Phys-l, it would not come from the otenet.gr domain. To say the
same thing the other way: In the spam message, in the From: address
there is an inconsistency between the "..." part and the <...> part.
Legitimate phys-l addresses include things like:
Sender: "Phys-l" <phys-l-bounces@www.phys-l.org>
and
From: <phys-l-owner@www.phys-l.org>
and of course
From: John Denker via Phys-l <phys-l@mail.phys-l.org>
Note that they all feature the phys-l.org domain.
=====================
There is no way to prevent clumsy forgeries of this kind within
the email framework. It is possible to enforce rules on the <...>
part of the email address, but not on the "..." part. That's just
a nickname, and nobody really owns a nickname. Consider e.g. the
author of this message.
Email was designed at a time when nobody worried about security.
Email is going to die out one of these days, for this reason among
others. There are already people who rely on other messaging
protocols and cannot be reached by email.