[Mailman-Users] Mailman under attack

Fil fil at rezo.net
Thu Nov 14 19:32:06 CET 2013


I just noticed a lot of backscatter spam, my Mailman installation was
starting to send subscription verifications to a lot of
ALLCAPS at hotmail.comaddresses, on a test list that no one is supposed
to be using.

I traced it to this site :


if you view source you will see that it opens a lot of iframes on 284
Mailman installations, and tries to auto-subscribe its victims email
adresses to different lists (392 in total).

I have put the page HTML source as well as the list of targeted servers and
lists in the attached zip file.

Do you know how to stop this efficiently?

-- Fil

More information about the Mailman-Users mailing list