[Mailman-Users] Harvesting of email addresses for spam from archives

Mark Sapiro mark at msapiro.net
Mon Sep 8 18:53:11 CEST 2008


David Beaumont wrote:

>We have had a lot of spams sent directly to our list members (i.e. not sent
>via mailman).  All of them have subject headings taken from list emails
>already sent out genuinely via mailman.  Almost all have our specific list
>prefix (but interestingly not every one).
>
>Has anyone else had this recently (started 3rd Sept approx and the spammer's
>listed from address has 'kiev' in it)?


I have not seen it.


>I can only think of 2 ways this has happened
>
>1) Our public archives have been harvested by a spammer.  This would account
>for the subject headings being used.  Email addresses are displayed in the
>archives as, literally, 'name at domain.com' which is not immediately
>harvestable but wouldn't take much code to convert ' at ' to '@'. How do we
>make this more secure? I notice this list's archives are not standard
>mailman format!


I assume by 'this list' you mean mailman-users at python.org. In what way
are the archives "not standard"?

It would take modifications to the mailman archiving code to change the
obfuscation of email addresses.

While it certainly would not be difficult for spammers to abuse your
public archive in this way, I am a member of several Mailman lists
with public archives and I post at least occasionally to them and I
haven't received any spam like that you describe.


>2) One of our members' PCs has been attacked and the subjects and email
>addresses taken from there.  All our emails are delivered with the reply to
>address being the list but the originator's email showing.  This would
>account for a small number of the spams not having our list prefix in the
>subject heading (they would not have the prefix if stored in the sent box of
>the person that created the genuine message).  However I would expect at
>least some members to report spam with entirely non-list subjects from the
>same spammer.


What you say above all seems correct to me.

-- 
Mark Sapiro <mark at msapiro.net>        The highway is for gamblers,
San Francisco Bay Area, California    better use your sense - B. Dylan


