Date: Mon, 12 Apr 1999 15:35:14 -0700 (PDT)
From: David Wolfskill <dhw@whistle.com>
To: freebsd-isp@FreeBSD.ORG
Subject: Re: Bad sapm problem
Message-ID: <199904122235.PAA98363@pau-amma.whistle.com>
In-Reply-To: <199904122213.IAA90108@spooky.eis.net.au>

>From: Ernie Elu <ernie@spooky.eis.net.au>
>Date: Tue, 13 Apr 1999 08:13:57 +1000 (EST)
>We are getting a flood of porn spams from addresses like sandra2744@mci.net
>Somehow they have gotten hold of a complete list of our users' email addresses
>from 2 FreeBSD servers which don't have shell access, and ftp is restricted
>to your home directory.
>Heard of anything like this ever happening? Or how it can be blocked?

Not that particular address, no.

But I did catch an "interesting" abuse of majordomo the other day. Some
twerp sent the following to our majordomo server:

    lists
    which @
    end

I had locked down the appropriate lists so that only the intentionally
public ones were listed from "lists", but I had neglected to lock down
"which". That has now been changed; the default ("open") behavior of
"which @" is to report each email address that has "@" in it. This
tends to be a rather non-exclusive list.... :-(

A given mailing-list manager may change the setting (in the "config"
file for the list) to (say) "closed". That addresses (no pun intended)
the issue adequately, from what I saw.

(I also hacked the copies of majordomo that we run here and at home to
permit the mailing-list manager to require that the list name be
mentioned in at least one of a set of (specified) headers, such as "To:"
or "Cc:". The m-l manager has the option, if a message is found that
doesn't meet the criteria, to either bounce the message to the m-l owner
or feed it to a Boojum. I generally prefer the latter, as my diet seems
to include an adequate amount of email, and I wouldn't want any Boojums
to starve on my account.)

Cheers,
david
--
David Wolfskill UNIX System Administrator
dhw@whistle.com voice: (650) 577-7158 pager: (650) 371-4621
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message
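
Added example, not part of the original message or of Majordomo itself: a small audit that reads a list's "config" text and reports every address-disclosing command that is not set to "closed", treating an unset key as "open" as the message describes. The key name "which_access" is Majordomo's setting for "which"; "who_access" and its "open" default are assumptions here, and the sample configs are constructed.

```python
import re

# Commands that disclose subscriber addresses. "which_access" governs the
# "which" command the message describes; "who_access" is an assumed sibling.
ADDRESS_KEYS = ("which_access", "who_access")
DEFAULT = "open"  # per the message, an unset "which" behaves as "open"

def parse_config(text):
    """Parse 'key = value' lines from a Majordomo list config.

    Skips comments and the bodies of 'key << TAG' multi-line values so
    that text inside them is not mistaken for a setting.
    """
    settings, end_tag = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if end_tag is not None:
            if line == end_tag:
                end_tag = None
            continue
        if not line or line.startswith("#"):
            continue
        m = re.match(r"(\w+)\s*<<\s*(\S+)$", line)
        if m:
            end_tag = m.group(2)
            continue
        m = re.match(r"(\w+)\s*=\s*(.*)$", line)
        if m:
            settings[m.group(1)] = m.group(2).strip().lower()
    return settings

def audit(list_name, text):
    """Return (list, key, value, explicit) for every key not set to 'closed'."""
    settings = parse_config(text)
    findings = []
    for key in ADDRESS_KEYS:
        value = settings.get(key) or DEFAULT
        if value != "closed":
            findings.append((list_name, key, value, key in settings))
    return findings

# Constructed sample configs (not taken from any real server).
SAMPLES = {
    "announce": "# constructed\nwhich_access = closed\nwho_access = list\n",
    "staff": "description = Staff list\nmessage_footer << END\nwhich_access = closed\nEND\n",
}

if __name__ == "__main__":
    for name, cfg in SAMPLES.items():
        for finding in audit(name, cfg):
            print("%s: %s=%s (explicit=%s)" % finding)
```

The "staff" sample shows the case worth catching: a "which_access = closed" line that sits inside a multi-line value is not a setting, so the list is still reported as open by default.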
