Yes I can feel with you, but how can you be shure, that the spammer got your mail from the list?? I mean, you can't argue, that unsubscribing will/should stop the spammer or do I understand something wrong? Here you may find further help http://spamcop.net/ Its helps you finding out from where the spam came and whom to contact for complaining. It already helped me a lot. Mit freundlichen Grüssen Comptek informatik AG Reinhardt Klippel ________________________________ Comptek informatik AG Poststrasse 9 CH-6300 Zug Tel. ++41 +41 720 20 90 Fax ++41 +41 720 20 99 http://www.comptek.ch ________________________________ At 17:58 22.05.2002 +0200, silverbox wrote:
anyway suse should restart their mail servers or have a deep look into them
! yesterday i unsuscribed from that list.
today i still get that mails :((((
that really sux !!!! On Mittwoch, Mai 22, 2002, at 04:19 Uhr, Comptek informatik AG - R. Klippel wrote:
Is it proven, that the spammer got the mail address from the mailing list?
Lately I came across the following note in the FAQ mail from test- list@suse.com, see the last sentence.
Q2. Envelope from? Header from? All I want to do is post a message to one of your mailing lists! Why is this so complicated? I don't have trouble subscribing to other mailinglists. A2. The header from is probably what you think of as the "from"; e.g. From: foo@bar.com It is contained in DATA portion of the mail (that's the part of the mail that you, as a user, write). The envelope from is written by your mail transport agent, or MTA. That's the thing that your mail client hands the message you just wrote off to to have it delivered. An envelope from looks like this: From foo@bar.com Fri Mar 1 12:59:36 2002 This is who your MTA, in the words of RFC 822bis, says "the author(s) of the message, that is, the mailbox(es) of the person(s) or system(s) responsible for the writing of the message.'' The mailing list software we use (ezmlm+idx) takes the envelope from as the address to subscribe when you email some-subscribe@suse.com. Other mailing list software might use the header from. Other mailing lists might also send bounces back to the list, allow vacation messages to be posted, make it trivial to subscribe someone else to a list without their knowledge, etc. There are lots of good technical reasons why the envelope from is used (which you can read all about at the author's site: http://cr.yp.to/immhf.html) but a big benefit for you is that since the envelope from isn't displayed in list postings¹ and the header from is ignored you can set your header from to be whatever you want. This means that you can use your main email address for the list and, if you mung the address, you won't need to worry about it being harvested by an an evil spammer. In other words, you are encouraged rot13, reverse, GPG encrypt, or do whatever to your header from (*except* leave it unqualified) and it won't affect your subscription at all.
The whole, complete FAQ list is available by sending a mail to test-list-faq@suse.com
So for me it seems to be given, that no one can abuse mail addresses or not?
Mit freundlichen Grüssen Comptek informatik AG
Reinhardt Klippel
________________________________ Comptek informatik AG Poststrasse 9 CH-6300 Zug Tel. ++41 +41 720 20 90 Fax ++41 +41 720 20 99 http://www.comptek.ch ________________________________
At 14:02 22.05.2002 +1200, V K wrote:
In my opinion there should be at least one BIG warning in the subscription confirmation message alerting the user that this list is archived and his E-mail address therefore open to the entire public. I was not aware of this fact as I subscribed.
1) This warning would not be very effective. Besides, it applies to all and every mailing list you subscribe to. To be clear: assume that every mailing list gets archived, and these archives are online to the general public.
2) You are also missing another important point: spammers are subscribed to at least suse-linux-e (funny that the spam rolled in 2 min after I posted), in other words you must assume spammers are subscribed to every mailing list.
Countermeasures are few. Forget protecting the archives as it doesn't deal with 2) above. I find the only useful and practical thing is to use a bogus email address in From:, as Christopher mentioned. Unfortunately, ezmlm seems to be the only list server which can handle that. For this reason I consider mailman, majordomo, etc. to be substandard in this day and age.
Using throwaway email addresses and changing them every 2 weeks is simply not practical because of the high overhead involved in unsubscribing/resubscribing (dealing with the passwords and bla bla).
Volker
-- Volker Kuhlmann is possibly list0570 with the domain in header http://volker.orcon.net.nz/ Please do not CC list postings to me.
-- To unsubscribe, e-mail: suse-security-unsubscribe@suse.com For additional commands, e-mail: suse-security-help@suse.com Security-related bug reports go to security@suse.de, not here
-- To unsubscribe, e-mail: suse-security-unsubscribe@suse.com For additional commands, e-mail: suse-security-help@suse.com Security-related bug reports go to security@suse.de, not here
Mit freundlichen Grüssen Comptek informatik AG Reinhardt Klippel ________________________________ Comptek informatik AG Poststrasse 9 CH-6300 Zug Tel. ++41 +41 720 20 90 Fax ++41 +41 720 20 99 http://www.comptek.ch ________________________________