[Mailman-Users] Virus Just Got Through on TOTALLY MODERATED list.
JC Dill
lists05 at equinephotoart.com
Sat Jan 29 07:50:11 CET 2005
Dan Mahoney, System Admin wrote:
> Guys,
>
> I just had a small problem. A virus was just sent to all the list
> members which had spoofed the moderator's email address. No "requires
> approval" message was sent, despite the fact that everyone (even the
> moderator) has the "mod" bit set to "on".
>
> http://securityresponse.symantec.com/avcenter/venc/data/w32.beagle.ba@mm.html
>
OK, I'm just speculating here... what if there's a virus/trojan out
that is able to take email that a user had already sent (email in the
"sent" folder), and resend it with a virus payload (in this case, the
beagle.ba virus above)? If it grabbed an email that the moderator had
sent to the list with the Approved: password included, and just appended
the virus payload, it would result in what you saw, right? What was the
subject of the virus-laden email, was it a subject that had been
previously posted to your list.
<soapbox>
This is why my lists don't allow any attachments at all. IMHO, the
"benefits" of making it easy for people to send files to a mailing list
are outweighed by the "costs" (when a virus gets thru). I tell posters
to put the file on a server and then email a post with a link to the file.
</soapbox>
jc
More information about the Mailman-Users
mailing list