>I think the point was missed here. This was not local users that
SPAMmed or sent NUL messages to the list. The attack was a
dictionary attack which managed to send to the list from a NUL
address.
OK, I see your point. Anyway, preventing this 'NUL Attack' will work
only for moderated _private_ lists. If the list is public, it's sufficient
for the spammer to subscribe and found out the moderator's e-mail address.
As to the list name, he can find it out by sending the LIST command to
[EMAIL PROTECTED] or performing a dictionary attack, as in your case.
That's why I said that, in my opinion, the only way to really protect
the list (including the NUL sender problem) is to set up a password for the
moderator.
Rubens
- Re: [IMail Forum] Blocking GeoList Attacks - Security Hole Rubens Altimari
- Re: [IMail Forum] Blocking GeoList Attacks - Security... ## Dusty Carden
- Re: [IMail Forum] Blocking GeoList Attacks - Security... Jack Davis
- Re: [IMail Forum] Blocking GeoList Attacks - Secu... ## Dusty Carden
- Re: [IMail Forum] Blocking GeoList Attacks - Security... David Gregg
- Re: [IMail Forum] Blocking GeoList Attacks - Security... Rubens Altimari
- Re: [IMail Forum] Blocking GeoList Attacks - Secu... ## Dusty Carden
- Re: [IMail Forum] Blocking GeoList Attacks - Security... John A. Junod
- Re: [IMail Forum] Blocking GeoList Attacks - Secu... ## Dusty Carden
- Re: [IMail Forum] Blocking GeoList Attacks - Security... Rubens Altimari
- Rubens Altimari
