I've inherited a 2.1.5 mailman. In the last few days we've been
blacklisted by a number of major sites. On further investigation it
looks like our mailman has been compromised in some way. Emails to the
request address are somehow being used to send spam. There are literally
thousands of them. I've stopped the list for now. Obviously 2.1.5 is way
out of date but I've looked at the changes since then and cannot see
something which looks like this issue although a search for mailman
request exploit brings up a number of entries which are not very
detailed. Does anyone know of an exploit in 2.1.5 which allows spam to
be sent via mailman in 2.1.5?
Thanks
Martin
------------------------------------------------------
Mailman-Users mailing list
[email protected]
http://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://wiki.list.org/x/AgA3
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe:
http://mail.python.org/mailman/options/mailman-users/archive%40jab.org
Security Policy: http://wiki.list.org/x/QIA9
