[Mailman-Users] Mail Lists, Authorized Posters and Virus/Worm Access
Bob Bowers
b-bowers at cox.net
Wed May 5 10:28:59 CEST 2004
In my community last week, someone gained access to a mail list with
hundreds of subscribers by mimicking an email address authorized to post to
the list (moderation bit set OFF). In such a case, moderator approval was
not required. What resulted was that a worm of the W32Beagle variety was
sent to many hundreds of subscribers. I have changed all my mail lists to
require active moderation of all posts (moderation bits are ON for all
subscribers), and automatic rejection of all posts from non-members.
It appears that it was just a matter of time for someone with ill intent to
figure out that the "from" address in a message from a mail list might
represent access to the mail list for mischief. It would not appear
accidental that a virus or worm operating on some unsuspecting individual's
computer accidentally sent itself to the posting address of a mail list as
well as from an authorized email address. It is more likely that it was
deliberate.
More information about the Mailman-Users
mailing list