[Mailman-Users] Mail Lists, Authorized Posters and Virus/Worm Access

Bob Bowers b-bowers at cox.net
Wed May 5 10:28:59 CEST 2004

In my community last week, someone gained access to a mail list with 
hundreds of subscribers by mimicking an email address authorized to post to 
the list (moderation bit set OFF). In such a case, moderator approval was 
not required. What resulted was that a worm of the W32Beagle variety was 
sent to many hundreds of subscribers. I have changed all my mail lists to 
require active moderation of all posts (moderation bits are ON for all 
subscribers), and automatic rejection of all posts from non-members.

It appears that it was just a matter of time for someone with ill intent to 
figure out that the "from" address in a message from a mail list might 
represent access to the mail list for mischief. It would not appear 
accidental that a virus or worm operating on some unsuspecting individual's 
computer accidentally sent itself to the posting address of a mail list as 
well as from an authorized email address. It is more likely that it was 

More information about the Mailman-Users mailing list