[Mailman-Users] Robotic subscription attacks
Mark Sapiro
mark at msapiro.net
Tue Apr 12 20:47:12 EDT 2016
There have been discussions of these robotic subscribes on this list in
the past. Up until a couple of days ago, the ban_list or GLOBAL_BAN_LIST
regexp '^.*\+\d{4,}@' i.e., any email address whose local part ends with
'+' followed by 4 or more digits) has been effective at blocking
virtually all of them I've seen.
Now there is a new pattern. So far all the new ones I've seen match
'^[a-z]{4,}\.?[a-z]{4,}\+[a-z]{4,}@gmail\.com$'. Some examples are
dramaalertbiz+<letters>@gmail.com
kemo.mart+<letters>@gmail.com
kezukaya+<letters>@gmail.com
killerkeemstar+<letters>@gmail.com
leafylagann+<letters>@gmail.com
newdramaalert+<letters>@gmail.com
ooktap.yaylea+<letters>@gmail.com
ubercoffeetime+<letters>@gmail.com
where <letters> is a string of 4 or more random letters.
--
Mark Sapiro <mark at msapiro.net> The highway is for gamblers,
San Francisco Bay Area, California better use your sense - B. Dylan
More information about the Mailman-Users
mailing list