[Mailman-Users] Spoofing Issue
Andrew Tait
antait at blueyonder.co.uk
Mon Apr 5 20:16:07 CEST 2004
Hello,
On Mon, 5 Apr 2004 08:55:41 -0400, Doug Straight
<dstraigh at rochester.rr.com> wrote:
> We had an event on Saturday where all 8,000 members got an infected email
> from the list. It looked just like the newsletter we sent out in most
> cases
> My web hosting contact tells me that this is a case of someone
> "spoofing" as
> our administrator and using our email (only the mailing list was
> effected)
> and sending out a message to the whole list. I was wondering if you
> thought
> that was possible.
I'm sure that it is possible. AFAIK the only thing required to post to a
list is a valid From: address, ie it doesn't do any fancy checking, so if
B[e]agle managed to infect a computer that had the administrator's email
address AND the mailing list email address, it is possible. In any set of
circumstances, someone who has hit "Reply" or "Reply all" to one of your
messages will have this scenario.
Unlucky! Maybe you want to moderate yourself, at least in the short term,
then you're immune to the message going into the wild? If you really only
use the list once a month, then unmoderate, send, and remoderate. Or just
send and approve.
Cheers,
Andrew
More information about the Mailman-Users
mailing list