At 0:55 -0400 on 10/05/2007, Robert A. Rosenberg wrote about Re:
Check out E-Mail Problem Creates Message Flood - AOL Ne:
At 23:02 -0400 on 10/04/2007, Ed Finnell wrote about Check out
E-Mail Problem Creates Message Flood - AOL News:
_E-Mail Problem Creates Message Flood - AOL News_
(http://news.aol.com/story/_a/e-mail-problem-creates-message-flood/20071004120009990001?ncid=NWS00010000000001)
Sometimes you just have to hang your head and laugh....
Although the article does not explain what went wrong (just that he
tried to send a reply) I'd guess that the original message was sent
with the FROM (or SENDER) set to the list address not to a List
Administrator address. Thus any reply would go to the list for
echoing to all the subscribers. In addition, the list would seem to
be of an Announce-Only type where only the Administrator should be
able to submit but seems to allow anyone to submit (a bad idea for
that type of list given its purpose).
It looks like I analyzed the cause correctly. Here is a comment as
reported in a SANS Institute news article on the incident:
The error could cause big trouble if a hacker sent a bad e-mail
attachment with a zero-day security vulnerability "to nail a few
dozen gullible security professionals," Marcus Sachs wrote in the
SANS diary, which documents security incidents.
"If you maintain a broadcast mailing list, make sure that the
address will not reflect e-mail from sources other than the owner of
the list," Sachs wrote. "Otherwise, you will become a training
example for SANS."
----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html
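
An added example, not part of the original messages or of any list software: a minimal Python posting policy for an announce-only list, following the advice quoted above that the list address must not reflect mail from anyone but the owner, and pointing replies at the administrator instead of the list. All addresses, names and sample messages are constructed for illustration.

```python
from email import message_from_string
from email.utils import parseaddr

LIST_ADDR = "announce@lists.example.org"         # constructed list address
ADMIN_ADDR = "announce-owner@lists.example.org"  # constructed administrator address
OWNERS = {ADMIN_ADDR}                            # the only addresses allowed to post
SUBSCRIBERS = {"alice@example.com", "bob@example.net"}

# Constructed sample messages: the owner's bulletin and a subscriber's reply to it.
ANNOUNCEMENT = ("From: List Admin <announce-owner@lists.example.org>\n"
                "To: announce@lists.example.org\nSubject: Bulletin\n\nHello all\n")
REPLY = ("From: Alice <alice@example.com>\n"
         "To: announce@lists.example.org\nSubject: Re: Bulletin\n\nPlease remove me\n")
# A message that claims to come from the list address itself.
SELF_ADDRESSED = REPLY.replace("Alice <alice@example.com>", LIST_ADDR)

def bare_address(value):
    """Return the lower-cased address part of a header or envelope value."""
    return parseaddr(value or "")[1].lower()

def may_post(envelope_sender, msg, owners=OWNERS):
    """Announce-only policy: envelope sender and From: must both be an owner."""
    # Both values can be forged; a production list would also need authenticated
    # submission or owner approval (an assumption beyond what the thread states).
    return (bare_address(envelope_sender) in owners
            and bare_address(msg["From"]) in owners)

def handle_submission(envelope_sender, raw, subscribers=SUBSCRIBERS):
    """Return (action, recipients, outgoing message or None)."""
    msg = message_from_string(raw)
    if not may_post(envelope_sender, msg):
        # Not reflected: a subscriber's reply stops here instead of fanning out.
        return ("reject", [], None)
    # Replies go to the administrator, never back to the list address.
    for header in ("Reply-To", "Sender"):
        del msg[header]          # no error if the header is absent
        msg[header] = ADMIN_ADDR
    return ("distribute", sorted(subscribers), msg)

if __name__ == "__main__":
    for sender, raw in ((ADMIN_ADDR, ANNOUNCEMENT), ("alice@example.com", REPLY)):
        action, rcpts, _ = handle_submission(sender, raw)
        print(sender, "->", action, rcpts)
```
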