[Mailman-Users] non-subscribers getting through--email address in "Real Name"
Grant Taylor
gtaylor at tnetconsulting.net
Tue Jul 24 21:09:01 EDT 2018

On 07/24/2018 06:51 PM, Mark Sapiro wrote:
> The stolen address books were used to send phishing emails purportedly
> from the owner of the address book to the addresses in the book.
>
> I.e., a message From: a_known_friend at yahoo.com saying things look at
> this great thing I found and a URL to evilsite.com.
>
> Trivial to harvest addresses, but not trivial to know a known associate
> to send the mail From:.

I hadn't thought about the association of the metadata. Thank you for
clarifying.

I do question how much more spam was sent by stealing address books from
large providers compared to viruses / malware doing the same with
address books on infected machines.

> In this context, the innocents are subscribers to mailing lists who
> find themselves unsubscribed by bounce processing because their ISPs
> reject list posts From: other_users at yahoo.com and the operators of those
> mailing lists.

Indeed, unfortunately "friendly fire". :-/

> Of course, you seem to feel that these lists were wrong from the beginning
> for not claiming authorship of the posts by replacing the From: header,

Yes, that's in line with my current view.

> but at the time, this wasn't even an option for most lists.

Lack of an option does not preclude the need for it.

Similarly, ignorance of an option does not preclude the need for it.

Admittedly, I've long struggled with how I thought discussion mailing
lists should behave. Originally I hadn't given any thought to munging
the From: like is suggested for DMARC. That being said, I did want to
direct replies back to the discussion list.
--
Grant. . . .
unix || die