[Mailman-Users] Harvesting of email addresses for spam from archives
opensource at unixoses.com
Mon Sep 8 21:00:12 CEST 2008
It helps to disallow but the site is allowing. So possible some engines
will bot the whole site:
On Mon, September 8, 2008 8:25 am, David Beaumont wrote:
> We have had a lot of spams sent directly to our list members (i.e. not
> via mailman). All of them have subject headings taken from list emails
> already sent out genuinely via mailman. Almost all have our specific list
> prefix (but interesting not every one).
> Has anyone else had this recently (started 3rd Sept approx and the
> listed from address has 'kiev' in it)?
> I can only think of 2 ways this has happened
> 1) Our public archives have been harvested by a spammer. This would
> for the subject headings being used. Email addresses are displayed in the
> archives as, literally, 'name at domain.com' which is not immediately
> harvestable but wouldn't take much code to convert ' at ' to '@'. How do
> make this more secure? I notice this list's archives are not standard
> mailman format!
> 2) One of our members PCs has been attacked and the subjects and email
> addresses taken from there. All our emails are delivered with the reply
> address being the list but the originators email showing. This would
> account for a small number of the spams not having our list prefix in the
> subject heading (they would not have the prefix if stored in the sent box
> the person that created the genuine message). However I would expect at
> least some members to report spam with entirely non list subjects from the
> same spammer.
> Mailman-Users mailing list
> Mailman-Users at python.org
> Mailman FAQ: http://wiki.list.org/x/AgA3
> Searchable Archives:
> Security Policy: http://wiki.list.org/x/QIA9
More information about the Mailman-Users