[Mailman-Users] Bogus/forged subscription attempts: request for comments and possibly data

Robert Heller heller at deepsoft.com
Tue Jun 10 04:48:51 CEST 2014

At Mon, 9 Jun 2014 21:48:38 -0400 "Perry E. Metzger" <perry at piermont.com> wrote:

> On Mon, 09 Jun 2014 17:01:19 -0700 Mark Sapiro <mark at msapiro.net>
> wrote:
> > They are spammers attempting to subscribe to your list(s) via POSTs
> > to the web subscribe CGI. Presumably if they successfully
> > subscribe, they will then spam the list.
> BTW, I don't quite understand this. Why would splatting random
> addresses at you help them? Why not just pick real addresses they
> control? Successfully subscribing is easy, and generating seemingly
> random addresses won't get them subscribed since the addresses will
> never get a confirmation round trip.

It depends. Some 'spammers' use scripts that seek out <form ... method="post"
..> tags and then issue POST requests to the action= attribute. In some cases
this results in 'posting' content of some sort to web sites (e.g. comment /
forum spam). Or it generates E-Mails to someone who might respond to the
content. In other cases it is a form of denial of service attack, overwhelming
the server. In some cases, it is totally 'mindless', e.g. generated data using
field names as a guide as to what to generate: such as random E-Mail addresses
for a field with a name like 'email', and so on.

> Perry

Robert Heller             -- 978-544-6933 / heller at deepsoft.com
Deepwoods Software        -- http://www.deepsoft.com/
()  ascii ribbon campaign -- against html e-mail
/\  www.asciiribbon.org   -- against proprietary attachments
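
Added example, not part of the original message and not Mailman code: one way a list admin could pick the scripted POSTs discussed in this thread out of a web server access log, by flagging client IPs that burst POSTs at the subscribe CGI. The log lines are constructed, the /mailman/subscribe/<list> path assumes Mailman 2.1's default CGI URL layout, and the threshold and window are arbitrary assumptions.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample in Apache combined log format (documentation IPs, not real traffic).
SAMPLE_LOG = """\
203.0.113.7 - - [09/Jun/2014:17:00:01 +0000] "POST /mailman/subscribe/users HTTP/1.1" 200 2301 "-" "-"
203.0.113.7 - - [09/Jun/2014:17:00:02 +0000] "POST /mailman/subscribe/users HTTP/1.1" 200 2301 "-" "-"
203.0.113.7 - - [09/Jun/2014:17:00:03 +0000] "POST /mailman/subscribe/users HTTP/1.1" 200 2301 "-" "-"
203.0.113.7 - - [09/Jun/2014:17:00:04 +0000] "POST /mailman/subscribe/users HTTP/1.1" 200 2301 "-" "-"
203.0.113.7 - - [09/Jun/2014:17:00:05 +0000] "POST /mailman/subscribe/users HTTP/1.1" 200 2301 "-" "-"
198.51.100.20 - - [09/Jun/2014:17:02:10 +0000] "GET /mailman/listinfo/users HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
198.51.100.20 - - [09/Jun/2014:17:02:40 +0000] "POST /mailman/subscribe/users HTTP/1.1" 200 2301 "-" "Mozilla/5.0"
192.0.2.44 - - [09/Jun/2014:09:00:00 +0000] "POST /mailman/subscribe/users HTTP/1.1" 200 2301 "-" "-"
192.0.2.44 - - [09/Jun/2014:13:00:00 +0000] "POST /mailman/subscribe/users HTTP/1.1" 200 2301 "-" "-"
192.0.2.44 - - [09/Jun/2014:18:00:00 +0000] "POST /mailman/subscribe/users HTTP/1.1" 200 2301 "-" "-"
192.0.2.44 - - [09/Jun/2014:22:00:00 +0000] "POST /mailman/subscribe/users HTTP/1.1" 200 2301 "-" "-"
"""

LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>[A-Z]+) (?P<path>\S+)')
# Assumption: Mailman 2.1 default CGI layout, /mailman/subscribe/<listname>.
SUBSCRIBE_RE = re.compile(r'^/mailman/subscribe/[^/?]+')

def subscribe_posts(log_text):
    """Return {ip: sorted list of datetimes} for POSTs to the subscribe CGI."""
    hits = defaultdict(list)
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m or m["method"] != "POST" or not SUBSCRIBE_RE.match(m["path"]):
            continue
        hits[m["ip"]].append(datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z"))
    return {ip: sorted(times) for ip, times in hits.items()}

def flag_bursts(log_text, max_posts=3, window=timedelta(minutes=10)):
    """Return {ip: peak count} for IPs exceeding max_posts inside any sliding window."""
    flagged = {}
    for ip, times in subscribe_posts(log_text).items():
        start = 0
        for end, t in enumerate(times):
            while t - times[start] > window:  # shrink window from the left
                start += 1
            count = end - start + 1
            if count > max_posts:
                flagged[ip] = max(flagged.get(ip, 0), count)
    return flagged
```

The sliding window matters here: 192.0.2.44 makes four subscribe POSTs in total but hours apart, so only the burst from 203.0.113.7 is reported.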

