[Mailman-Users] Re: addition to TODO list

Jon Carnes jonc at nc.rr.com
Sat Dec 27 02:34:39 CET 2003

A sad tale indeed.

Edit your mailservers /etc/mail/access file and put a big fat REJECT by
his domain name!

Good luck - Jon Carnes

On Fri, 2003-12-26 at 18:49, Roberto Perez wrote:
> At 11:54 AM 12/26/03, Jon Carnes wrote:
> >Fortunately Roberto, most spammers don't use Mailman.  There is a *lot*
> >of other programs out there that allow them to spam from windows boxes
> >(as well as Unix).
> That's true in most cases, but in our university we are being spammed with 
> a news bulletin no one subscribed to, managed by a mailman program. The 
> spammer has disabled the web interface, and since we did not subscribe 
> ourselves, we don't have the individual passwords to unsubscribe via email. 
> In the wrong hands, mailman can unfortunately be a powerful tool ...
> >Santa has already answered your "ToDo" request,  The password command
> >retrieves passwords via email
> I got the "help" file from the mailman-administered list described above 
> (version 2.0.11), and there was no "password" command. Are we maybe talking 
> about different versions of mailman? Or maybe the "password" command is not 
> documented in the help file?
> >- though it is unnecessary as the
> >unsubscribe command removes folks without need of the password - you
> >have to respond to the email as a confirmation.
> Actually, in this case that I'm describing, sending an email to 
> "list-request" with an "unsubscribe" command does not work. The message is 
> rejected with a note saying the right command should be "unsubscribe 
> <password>", and no confirmation is sent.
> So, if you (or anyone else) know how to either recover our individual 
> passwords without a web interface, or unsubscribe in some other way, I'd 
> appreciate ideas/suggestions.
> Regards,
> Roberto Perez
> rgpg at technologist.com

More information about the Mailman-Users mailing list