[Mailman-Users] Is there a security hole in Mailman?
Jon D. Slater
Jon.Slater at LPBroadband.Net
Mon Feb 13 17:31:00 CET 2006
> -----Original Message-----
> From: mailman-users-bounces+jon.slater=lpbroadband.net at python.org
> [mailto:mailman-users-bounces+jon.slater=lpbroadband.net at python.org]
> On Behalf Of Jeff Donsbach
> Sent: Sunday, February 12, 2006 10:10 AM
> To: mailman-users at python.org
> Subject: Re: [Mailman-Users] Is there a security hole in Mailman?
> On 2/12/06, Jon D. Slater <Jon.Slater at lpbroadband.net> wrote:
> > Hi All,
> > Is there a security hole in Mailman?
> > How are the evil spammers harvesting my list names when they aren't
> > on
> > 'listinfo' page?
> >From the address book(s) of one or some of you subscribers infected
> with a virus/worm?
> > And, more importantly, is there a way to prevent it? (BTW, I'm also
> > SPAM ASSASSIN and a lot of these SPAM messages still get through.)
> Is your list set for "subscribers only" posting? Set your list to hold
> posts from non-members for moderation.
> Keep feeding the spam messages to "sa-learn".
> Jeff D
I'm already doing that. My complaint is that I have to go in and manually
reject or ignore these messages.
How are they getting my list names in the first place?
I don't believe this is an issue where an individual user may have been
compromised, because no single user accesses all the groups on all of the
More information about the Mailman-Users