On 8/18/21 1:15 PM, David Gibbs via Mailman-Users wrote:
Folks:
Is anyone else seeing requests to their mailman install that look
something like this:
Aug 18 15:10:16 2021 (31166) Hostile listname:
listname=midrange-l__;!!NVq9dfhzMyHqTw!wLl-dt8zxsuQuoyojs-UYmT_d65WZroClHaYGfHduJ561eT0B7baTQV1ogZzQKRRsw$:
remote=52.34.76.65
Basically, the list name is correct, but the added "__;!NV..." makes it
invalid.
A web request for a list with name
'midrange-l__;!!NVq9dfhzMyHqTw!wLl-dt8zxsuQuoyojs-UYmT_d65WZroClHaYGfHduJ561eT0B7baTQV1ogZzQKRRsw$'
was received from IP 52.34.76.65. I.e., something like
http://example.com/mailman/listinfo/midrange-l__;!!NVq9dfhzMyHqTw!wLl-dt8zxsuQuoyojs-UYmT_d65WZroClHaYGfHduJ561eT0B7baTQV1ogZzQKRRsw$
The listname is considered hostile because it contains characters not in
the set mm_cfg.ACCEPTABLE_LISTNAME_CHARACTERS (default [-+_.=a-z0-9]).
This is not usually anything of concern. Brain dead web crawlers do
things like this all the time. Check your web server logs for more info.
--
Mark Sapiro <m...@msapiro.net> The highway is for gamblers,
San Francisco Bay Area, California better use your sense - B. Dylan
------------------------------------------------------
Mailman-Users mailing list -- mailman-users@python.org
To unsubscribe send an email to mailman-users-le...@python.org
https://mail.python.org/mailman3/lists/mailman-users.python.org/
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: https://www.mail-archive.com/mailman-users@python.org/
https://mail.python.org/archives/list/mailman-users@python.org/
