[fwd]Mailing lists under attack?
Colin R. Leech
Thanks Chris for forwarding this - I don't subscribe to any of the listowner
mailing lists. (I probably should, but I'm already on too many lists).
I've CC'd my reply to the owner-listex list, help@flora, and ege-listowners
to alert other people to this issue as well. My comments follow:
>>Return-Path: <owner-...@buck.ncia.net>
>>Date: Mon, 14 Apr 1997 15:48:08 GMT
>>From: Cathleen <ca...@interlog.com>
>>Subject: Re: [fwd]Mailing lists under attack?
>>
>>>>Note -- the personal-info fields are filled by the local-part of the
>>>>address and the domain name (sans the top-level field). So I checked
>>>>this morning's subscriptions, and found several MORE just like it.
>>
>>I have been completely FLOODED with subscribe attempts exactly like this!!
>>
>>>>I think that the addresses under attack will be of interest to all of us;
>>>>including Rick's address, above, here is my current list:
>>>>
>>>>ma...@galactica.it
>>rmcc...@gmu.edu
>>matt...@audiophile.com
Ah yes, we've seen these people on our alt-transp subscription list as well.
[others snipped that I didn't recognize]
>>>>in...@baskerville.it
>>>>ph...@rpi.edu
>>>>admini...@rcm.inet.it
I always get a bit interested when I see names like "root" and
"administrator" - not too many "real" people subscribe to mailing lists
from these accounts. This is an advantage of majordomo sending you a
routine notice of every new subscription.
We've had a few like "stnkn...@aol.com" that seem to be pretty blatent,
but this latest wave is unique in that most of the names look like they
could be legitimate.
The problem is that it is relatively trivial to forge the return headers
on an e-mail message, so it's not too hard for people to send in a bogus
address (or even falsely subscribe another person) without majordomo or
listserv suspecting anything. Listserv has an option that requires you to
confirm your susbcription via return e-mail before adding your
subscription - I would advise using this if possible. Perhaps we can
suggest this enhancement for the next version of majordomo, if there are
any programming gurus with some free time lurking out there.
On alt-transp it's generally not too bad, since there don't tend to be
more than half a dozen daily messages that could bounce back to my mailbox
before I log on ad discover the problem. People running high volume
majordomo lists could find their mailbox quite full from this stuff if
they're not constantly monitoring their account.
--
#### |\^/| Colin R. Leech ag414 or crl...@freenet.carleton.ca
#### _|\| |/|_ Civil engineer by training, transport planner by choice.
#### > < Opinions are my own. You may consider them shareware.
#### >_./|\._< "If you can't return a favour, pass it on." - A.L. Brown
Matthew Darwin
Colin R. Leech <crl...@freenet.CArleton.CA> wrote:
> Listserv has an option that requires you to
> confirm your susbcription via return e-mail before adding your
> subscription - I would advise using this if possible. Perhaps we can
> suggest this enhancement for the next version of majordomo
It's already there in the newer versions.
--
Matthew Darwin Westend Family Cinema
Community Volunteer 20 years of great family movies!
mat...@davin.ottawa.on.ca cin...@flora.org
http://www.davin.ottawa.on.ca/~matthew/ http://www.flora.org/cinema/
Colin R. Leech
In a previous message, g...@listex.com ("Gary K. Foote") wrote:
>
>>Listserv has an option that requires you to
>>confirm your susbcription via return e-mail before adding your
>>subscription - I would advise using this if possible. Perhaps we can
>>suggest this enhancement for the next version of majordomo, if there are
>>any programming gurus with some free time lurking out there.
>
>Majordomo 1.9.4 offers this feature now. They must have heard you :)
Thanks for the pointer!