[Mailman-Users] non-subscriber managed to post to a subscriber onlylist
Brad Knowles
brad at shub-internet.org
Tue Jan 27 02:54:52 CET 2009
on 1/26/09 4:03 PM, Barry Finkel said:
> We had a case last week when someone sent mail with a spoofed
>
> "From: ...."
>
> line that contained the e-mail address of the list owner. The mail
> was delivered to us via a SMTP mailer of an ISP, and we have in the
> mail headers the IP address of the sender.
Someone tried to hit the mailman-users list like this, and forged my own
e-mail address to do it. Fortunately, they got caught by our anti-spam
filters and rejected, and I only found out because the bounce message
was not deliverable. Oy.
I have complained to the ISP in question, but the problem is that
replies to that message are going to run afoul of the same anti-spam
filter, so I'm probably not going to see them. I'm in the process of
trying alternative methods of contact.
Fortunately for me, I happen to know the guy who runs the Internet
Security group at this large broadband ISP (he's a former co-worker of
mine from my AOL days), and he is the primary reason why I consider this
to be one of the best large ISPs around.
Yes, I am going to be tightening the security on this list.
--
Brad Knowles
<brad at shub-internet.org> If you like Jazz/R&B guitar, check out
LinkedIn Profile: my friend bigsbytracks on YouTube at
<http://tinyurl.com/y8kpxu> http://preview.tinyurl.com/bigsbytracks
More information about the Mailman-Users
mailing list