[Mailman-Users] mailman and email harvesters

Matthew Clarkson matt at mail.netera.ca
Fri Mar 31 21:30:02 CEST 2006


Mark Sapiro wrote:
> Matthew Clarkson wrote:
>
>   
>> We have switched half (about 15 so far) of our mailing lists from our 
>> majordomo server (with a hypermail based archiving system)  to our new 
>> mailman server.  I have just been notified by my boss that since the 
>> start of the switchover (3 weeks ago) he and a few other people have had 
>> a dramatic increase in spam based activity on their email accounts.
>>     
>
>
> Have they posted, or are they just members?
>
>   

They have all posted.

>> I 
>> checked to make sure my robots.txt on the webserver root was fine with 
>> the following entries
>>
>> User-agent: *
>> Disallow: /pipermail/
>>     
>
>
> Do you really think any spambot is going to honor a robots.txt file?
>
>   

I was aware that this is quite weak, but I knew that if I didn't mention 
it, it would have come up on the response to the initial email.

> If you have public archives, at a minimum you need
>
> ARCHIVER_OBSCURES_EMAILADDRS = Yes
>
> This is the default, but have you turned it off in mm_cfg.py? I'm not
> sure how effective the obfuscation is, but it's probably better than
> 'in the clear' addresses.
>
>   

This is set to obscure addresses (I have not changed any setting, either 
globally or list specific) to change this setting.

>> Also, I verified that all my lists private_roster settings were set to 
>> List members.
>>
>> Can anyone else think of, if it is mailman that is the culprit here, any 
>> settings or ways that email harvesters could grab email addresses from a 
>> mailman server?
>>     
>
>
> Can a spammer subscribe to your list and get the roster and then
> unsubscribe? I don't know if spammers are sophisticated enough to do
> this automatically, and I doubt they do it manually, but it is a
> possibility unless subscription requires approval or the roster is
> limited to admins.
>   
Yes, this could happen with most of our lists, but I would find it hard 
to believe (not that it is still not possible) that a spammer would 
spend his time on doing this for our relatively small (member wise) 
lists, especially as soon as we put our mailing lists up on mailman 
(less than a month ago),  this was the setting on our majordomo server 
for the last 3 years and we did not have this problem at all.

I mostly just wanted to verify with the original email I sent, that 
there wasn't a blatant setting I was overlooking which would lead to 
this.  I am thinking that it's not mailman, but probably another way 
that these harvesters are getting these email addresses.

Thank you very much for your insight and help into this Mark, I (and I'm 
sure many others) appreciate all the help you give this list.

--
Matthew Clarkson
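
A check for the ARCHIVER_OBSCURES_EMAILADDRS question discussed above, as an added example that is not part of the original thread: it scans rendered archive pages from your own server for addresses that still appear in the clear or inside mailto: links. The sample pages and addresses are constructed, and the `audit_page` name and its `allowed` parameter are assumptions of this example.

```python
import re
from html.parser import HTMLParser
from urllib.parse import unquote

# Cleartext address pattern; "user at example.org" (obscured form) does not match.
ADDR = re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9-]+(?:\.[A-Za-z0-9-]+)+")

class _ArchiveScan(HTMLParser):
    def __init__(self):
        # convert_charrefs=True turns entities such as &#64; into "@" before matching
        super().__init__(convert_charrefs=True)
        self.text_hits, self.link_hits = [], []

    def handle_starttag(self, tag, attrs):
        for name, value in attrs:
            if name == "href" and value and value.lower().startswith("mailto:"):
                # Drop any ?Subject=... part, then decode %40 to "@"
                target = unquote(value[7:].split("?", 1)[0])
                if ADDR.fullmatch(target):
                    self.link_hits.append(target.lower())

    def handle_data(self, data):
        self.text_hits.extend(a.lower() for a in ADDR.findall(data))

def audit_page(html, allowed=()):
    """Return cleartext addresses found in page text and in mailto: links.

    allowed: addresses that are meant to be public (e.g. the list's own
    posting address) and should not be reported.
    """
    ok = {a.lower() for a in allowed}
    scan = _ArchiveScan()
    scan.feed(html)
    scan.close()  # flush buffered text
    return {
        "text": sorted(set(scan.text_hits) - ok),
        "mailto": sorted(set(scan.link_hits) - ok),
    }

# Constructed sample pages (not real archive output).
OBSCURED = ('<html><body><b>Example Poster</b> '
            '<a href="mailto:list%40lists.example.org?Subject=Re">'
            'poster at example.org</a><pre>Contact me off-list.</pre></body></html>')
LEAKY = ('<html><body><a href="mailto:poster%40example.org">Example Poster</a>'
         '<pre>Reach me at poster&#64;example.org or cc admin@example.net</pre>'
         '</body></html>')

if __name__ == "__main__":
    for label, page in (("obscured", OBSCURED), ("leaky", LEAKY)):
        print(label, audit_page(page, allowed=["list@lists.example.org"]))
```

A page with empty `text` and `mailto` lists exposes no cleartext address beyond the allowed ones; it says nothing about roster or subscription settings, which have to be checked separately.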



