I'm the admin of a good sized technical mailing list (running majordomo
and qmail). From time to time, we're the victim of pranks and attacks and
other general nastiness. At the moment, I'm dealing with a relatively
"mild" anonymous alias issue, but a frustrating one none the less:
Someone set up an iname/mail.com account and has it forwarded to the list
address. This acct has been subscribed to many commercial mailing lists
as well... I'm not sure if this was intentional or if it was just a
co-incidence (its the kind of address that some people might use as a
"dummy" address if don't really want to disclose their email but the feild
is required.) Since the list only posts messages from subscribers, these
junkmails don't get distributed, but they do bounce and create errors.
I've also had situations in the past where someone will register a mail
alias, subscribe it to the list, then redirect the alias to the list
address. Even tho this rarely succeeds in creating a loop, it generally
makes life unpleasant and bogs down the server till the errors are sorted
out.
Since iname/mail.com won't just send the password to the email address in
question (you must also answer questions that the person who set it up
would know, birthdate, etc), there's little that can be done on the list
server's side to correct the problem. Filters can be put in place to
prevent iname relays from passing mail to the list address, but that's
just a bandaid. I called the customer service number and left a
voicemail... we'll see what happens.
While it is true that aliasing issues would exist regardless of the
free/anonymous services, these third party alias providers make the task
of tracking down abusers that much more difficult. Privacy issues prevent
the alias providers from disclosing useful information, and while they may
be responsive as far as shutting down an account, that is of little
consolation when the offending party can simply register yet another alias
and start over. I would like to see the alias provider to pass my
complaint on to the offender's ISP (whomever is responsible for the IP
address that the offender was using when he registered and/or made changes
to the alias account), but I somehow doubt that will happen.
The other other list admins and I (as well as the network admins for the
network that hosts the box that the list server runs on) have discussed
banning known anonymous mail relays and other problem sites from
subscribing to the list, for this and other reasons. I'm already the
admin for other lists that have had a more restrictive subscription policy
for a long time... often they require a questionnaire be completed before
they can subscribe. It may be inconvenient, but it seems to help. Anyone
have any thoughts about this?
--jenni baier
