[Mailman-Users] Fwd: Subscription bomb tracing - feature request.
Christopher Schulte
christopher at schulte.org
Wed Jan 5 01:49:30 CET 2000
This was sent to bugtraq, and I figured it'd be of interest to you guys in
case you don't subscribe to it.
Does mailman already have the ability to trace such fraudulent subscribe
requests and such?
Comments?
--------chris
>Approved-By: aleph1 at SECURITYFOCUS.COM
>Delivered-To: bugtraq at lists.securityfocus.com
>Delivered-To: BUGTRAQ at SECURITYFOCUS.COM
>X-Sender: alanb at mailhost.manawatu.net.nz
>Date: Tue, 4 Jan 2000 15:15:22 +1300
>Reply-To: Alan Brown <alan at MANAWATU.GEN.NZ>
>Sender: Bugtraq List <BUGTRAQ at SECURITYFOCUS.COM>
>From: Alan Brown <alan at MANAWATU.GEN.NZ>
>Subject: Subscription bomb tracing - feature request.
>X-To: BUGTRAQ at SECURITYFOCUS.COM
>To: BUGTRAQ at SECURITYFOCUS.COM
>
>There have been quite a few subscribe bombs tossed around recently.
>
>While it's nice to see that most mailing list admins use confirm
>requests now, it would be a great help if the confirm requests contained
>at least the headers of the original request, to aid victims in tracing
>their attacker(s).
>
>One attack recently notified to ORBS attempted to sign the victim up to
>26,000 different lists via insecure email relays.
>
>The confirmation requests alone constituted a fairly substantial denial
>of service attack, as did the huge number of bounces the victim got.
>
>I've only ever seen one mailing list which actually showed where the
>signup request came from. Times are still changing and adding an audit
>trail would make life easier all round.
>
>AB
More information about the Mailman-Users
mailing list