[Mailman-Developers] FYI -- mailback validations no longer safe?

Chuq Von Rospach chuqui@plaidworks.com
Sat, 9 Dec 2000 08:26:06 -0800


At 3:09 AM -0600 12/9/00, Christopher Lindsey wrote:

>    Yes, this has definitely been troublesome.   I've blocked many
>    commercial sites like findmail.com (egroups) and remarq.com from my
>    lists because of their secret archiving that displays email addresses
>    to the public, but at least they don't spam the lists back.  But
>    of course anyone can browse these sites and get addresses to their
>    heart's content, then forge MAIL FROM: to sneak mail into the lists.

Ya know, I hadn't thought of that -- I've worked at closing off my 
list archives from the spam harvesters, but I'd never thought of the 
list archives as a source of addresses to use to spam ONTO the lists. 
(shudder). That's a real, legitimate issue, because you're basically 
handing them access.

damn. I have to go rethink that again.

And I realized, after I posted, that as long as there are free e-mail 
sites (netscape.net, hotmail, etc), you don't even need to create or 
hack domains to do this. Over a period of a week, create a thousand 
email accounts on the various free sites. Then you can set up the 
mailbots to start using them to subscribe and spam. As admins get 
accounts nuked by the free sites, simply disable them, move to other 
ones in your collection, and create some more. Even under the best of 
circumstances, it'd be tough to impossible for the admins of a place 
like hotmail to keep ahead of that, and their only real block is an 
IP block -- and if you have multiple IPs... This charade could go on 
for a long time.

>    ) are definitely moving in the right direction with S/MIME
>    signatures/encryption and X509 user certs, but that still doesn't
>    stop someone from using throwaway certs to spam several lists or
>    from harvesting addresses.

And it doesn't help the reality that most users can't/won't do this, 
and it simply means you'll scare away legitimate issues, which is 
like being so scared of having the cow stolen you weld the barn door 
shut. The cow doesn't get stolen, but it eventually starves to 
death...

>    For now I'd say that the best method is a social one; require
>    references when people want to subscribe to your list.

That works if you have active listowners and a small list. Imagine me 
doing that for a large list with dozens of subscriptions a day -- on 
my big mailman site, I'd have to hire staff to even START doing that. 
Not practical, unfortunately.

But Murr Rhame on list-managers said something that made me think of 
a possible answer -- new subscribers automatically go into "hold for 
approval" mode. It'd be another flag in the user record (like digest 
or nomail), and when you subscribe, it's turned on. All messages are 
held for the admin to approve. Once an admin can trust a new account, 
he turns off the flag and they post without restriction.

There are some topics and lists where this would be a good thing to 
have, because of the incendiary aspects of the topic, or because (in 
my case) there are problems with trolls....

-- 
Chuq Von Rospach - Plaidworks Consulting (mailto:chuqui@plaidworks.com)
Apple Mail List Gnome (mailto:chuq@apple.com)

We're visiting the relatives. Cover us.
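The "hold for approval" flag sketched in the message above, worked through as a small Python model. This is an added example, not code from the post or from Mailman: the class names (`Member`, `Post`, `MailingList`), the `moderate` field sitting beside the existing `digest` and `nomail` flags, and the rule that posts from addresses not on the membership list are also held are all assumptions made for illustration. The flag is set when a subscriber is added, every post from a still-moderated member is queued for the admin, and approving a held post can optionally clear the flag so the sender posts freely from then on.

```python
"""Toy model of per-subscriber "hold for approval" moderation.

Added example for the thread's proposal; names and structure are assumed,
not Mailman's own. Sample addresses are constructed for the demo.
"""
from dataclasses import dataclass, field
from typing import Dict, List


@dataclass
class Member:
    """One entry in the membership list."""
    address: str
    digest: bool = False
    nomail: bool = False
    # The proposed flag: on at subscription time, cleared by the admin
    # once the account has earned trust.
    moderate: bool = True


@dataclass
class Post:
    """A message arriving at the list address (envelope sender as seen)."""
    sender: str
    subject: str
    body: str


@dataclass
class MailingList:
    members: Dict[str, Member] = field(default_factory=dict)
    held: List[Post] = field(default_factory=list)       # admin queue
    delivered: List[Post] = field(default_factory=list)  # sent to members

    def subscribe(self, address: str) -> Member:
        """New subscribers start moderated (moderate=True by default)."""
        addr = address.lower()
        self.members[addr] = Member(address=addr)
        return self.members[addr]

    def handle_post(self, post: Post) -> str:
        """Route an incoming post: hold it unless the sender is a trusted
        member. Unknown senders are held too (assumption of this model)."""
        member = self.members.get(post.sender.lower())
        if member is None or member.moderate:
            self.held.append(post)
            return "held"
        self.delivered.append(post)
        return "delivered"

    def trust_sender(self, address: str) -> None:
        """Admin action: clear the flag so the member posts unrestricted."""
        self.members[address.lower()].moderate = False

    def approve_held(self, index: int, trust: bool = False) -> Post:
        """Admin releases a held post; optionally trusts the sender as well.
        Non-members are never auto-trusted, so their later posts stay held."""
        post = self.held.pop(index)
        self.delivered.append(post)
        if trust and post.sender.lower() in self.members:
            self.trust_sender(post.sender)
        return post

    def discard_held(self, index: int) -> Post:
        """Admin drops a held post without delivering it."""
        return self.held.pop(index)


def demo() -> dict:
    """Walk through subscribe -> held -> approved -> unrestricted."""
    ml = MailingList()
    ml.subscribe("newbie@example.com")  # constructed address
    first = ml.handle_post(Post("newbie@example.com", "hello", "first post"))
    outsider = ml.handle_post(Post("stranger@example.net", "hi", "not a member"))
    ml.approve_held(0, trust=True)      # admin trusts the new subscriber
    second = ml.handle_post(Post("newbie@example.com", "again", "second post"))
    return {"first": first, "outsider": outsider, "second": second,
            "still_held": len(ml.held)}


if __name__ == "__main__":
    print(demo())
```

The useful property is that the default lands on the safe side: a freshly created throwaway account that subscribes and immediately posts gets queued rather than relayed, and the admin's trust decision is an explicit, per-address action recorded in the same place as the other subscriber flags.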