[Mailman-Users] non-subscriber managed to post to a subscriber onlylist
Barry Finkel
b19141 at anl.gov
Mon Jan 26 23:03:35 CET 2009
Steve Lindemann wrote:
>Had something strange occur early Saturday morning. A non-subscriber
>managed to successfully post to two member only lists (and, of course,
>it was spam).
>
>The bogus sender (thelevisstoreonline at levis.rsys1.com) is not a member
>of these member only lists and is not in the accept_these_nonmembers
>filter. Other non-member posts are being caught and sent to moderation.
> Is there something else that I should be looking at?
We had a case last week when someone sent mail with a spoofed
"From: ...."
line that contained the e-mail address of the list owner. The mail
was delivered to us via a SMTP mailer of an ISP, and we have in the
mail headers the IP address of the sender. In this case, since the
mail came from the ISP's SMTP mailer, I assume that the mail was not
spam sent directly from some botnet. Due to the content of the mail,
I reported it to the ISP (and have not yet gotten any reply).
After the list owner sent an apology to the list, another list member
said that this sort of mail is more frequent these days, especially
if the e-mail address of the list owner or other members of the list
is available via an Internet search.
In our case, the list owner temporarily moderated his e-mail address.
----------------------------------------------------------------------
Barry S. Finkel
Computing and Information Systems Division
Argonne National Laboratory Phone: +1 (630) 252-7277
9700 South Cass Avenue Facsimile:+1 (630) 252-4601
Building 222, Room D209 Internet: BSFinkel at anl.gov
Argonne, IL 60439-4828 IBMMAIL: I1004994
More information about the Mailman-Users
mailing list