[Mailman-Users] my mailman has been hacked !!

Russell Clemings rclemings at gmail.com
Thu May 28 16:16:59 CEST 2009


In addition to the earlier suggestions:

1. Turn on content filtering -- the default settings should remove most if
not all dangerous attachments.

2. Under general settings, set the maximum message size as small as
possible. This not only blocks a lot of viruses but on a discussion list it
prevents people from quoting an entire digest when replying.

But for broadcast lists, the suggestion about moderating everybody should do
the trick. I just keep emergency moderation (also on general options page)
on at all times for those lists.

rac



> ---------- Forwarded message ----------
> From: Rob MacGregor <rob.macgregor at gmail.com>
> To: mailman-users at python.org
> Date: Wed, 27 May 2009 19:41:15 +0100
> Subject: Re: [Mailman-Users] my mailman has been hacked !!
> On Wed, May 27, 2009 at 19:23, Khalil Abbas <khillo100 at hotmail.com> wrote:
> >
> > HELP!!
> >
> > one of my lists has been hacked.. all members are moderated, except my
> > own email address (my at email.com) which I use to post to the list ..
> >
> > someone sent from my address to the list and all my subscribers have
> > received a damn virus as an attachment!!  but the 'From' name is not me,
> > which means that the sender didn't use my email to send but used a kind of
> > open-relayed server or something ..
> >
> > please help what should I do ???
>
> Look at the headers and work out what really happened.
>
> Forging email addresses is trivial.  It is the work of a few seconds
> to send an email with somebody else's email address.  You can mitigate
> somewhat by using SPF and DKIM, but it does require that everybody
> checks your SPF and DKIM records - not everybody does.
>
> --
>                 Please keep list traffic on the list.
>
> Rob MacGregor
>      Whoever fights monsters should see to it that in the process he
>        doesn't become a monster.                  Friedrich Nietzsche
>
>
>
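
An added example, not part of the original thread: one way to act on the advice to look at the headers, comparing the From: domain with the envelope sender and with the SPF/DKIM verdicts stamped by the receiving server. The sample message, the host names and the `triage` and `domain_of` helpers are constructed for illustration, and the sketch assumes the receiving MX adds an Authentication-Results header.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample: From: claims the list owner's address, but the envelope
# sender and the connecting relay belong to an unrelated host.
SAMPLE = """\
Return-Path: <bounce@relay.example.net>
Received: from relay.example.net (relay.example.net [203.0.113.7])
\tby mx.lists.example.org with ESMTP; Wed, 27 May 2009 18:20:01 +0000
Authentication-Results: mx.lists.example.org;
\tspf=fail smtp.mailfrom=relay.example.net;
\tdkim=none
From: "Someone Else" <owner@example.com>
To: announce@lists.example.org
Subject: important document

(body omitted)
"""

def domain_of(header_value):
    """Lower-cased domain part of an address header, '' if absent."""
    return parseaddr(header_value or "")[1].rpartition("@")[2].lower()

def triage(raw, trusted_authserv):
    """Summarise the signals that a post's From: address may be forged."""
    msg = message_from_string(raw)
    from_dom = domain_of(msg["From"])
    env_dom = domain_of(msg["Return-Path"])
    verdicts = {"spf": "none", "dkim": "none"}
    for ar in msg.get_all("Authentication-Results", []):
        # Only believe results stamped by our own MX; a sender can insert
        # an Authentication-Results header naming any other server.
        if ar.split(";", 1)[0].strip().lower() != trusted_authserv:
            continue
        for method, verdict in re.findall(r"\b(spf|dkim)=(\w+)", ar, re.I):
            verdicts[method.lower()] = verdict.lower()
    # The topmost Received header is written by our server and names the
    # host that connected; lower ones are supplied by the sending side.
    received = msg.get_all("Received", [])
    hop = re.search(r"from\s+(\S+)", received[0]) if received else None
    findings = []
    if env_dom != from_dom:  # a signal, not proof: bulk senders differ too
        findings.append("envelope-mismatch")
    findings += [f"{m}-{v}" for m, v in verdicts.items() if v != "pass"]
    return {"from": from_dom, "envelope": env_dom,
            "relay": hop.group(1) if hop else None, "findings": findings}

if __name__ == "__main__":
    print(triage(SAMPLE, "mx.lists.example.org"))
```
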

