on 1/26/09 4:03 PM, Barry Finkel said:

We had a case last week when someone sent mail with a spoofed

     "From: ...."

line that contained the e-mail address of the list owner.  The mail
was delivered to us via a SMTP mailer of an ISP, and we have in the
mail headers the IP address of the sender.

Someone tried to hit the mailman-users list like this, and forged my own e-mail address to do it. Fortunately, they got caught by our anti-spam filters and rejected, and I only found out because the bounce message was not deliverable. Oy.

I have complained to the ISP in question, but the problem is that replies to that message are going to run afoul of the same anti-spam filter, so I'm probably not going to see them. I'm in the process of trying alternative methods of contact.

Fortunately for me, I happen to know the guy who runs the Internet Security group at this large broadband ISP (he's a former co-worker of mine from my AOL days), and he is the primary reason why I consider this to be one of the best large ISPs around.


Yes, I am going to be tightening the security on this list.

--
Brad Knowles
<b...@shub-internet.org>        If you like Jazz/R&B guitar, check out
LinkedIn Profile:                 my friend bigsbytracks on YouTube at
<http://tinyurl.com/y8kpxu>    http://preview.tinyurl.com/bigsbytracks
------------------------------------------------------
Mailman-Users mailing list
Mailman-Users@python.org
http://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://wiki.list.org/x/AgA3
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe: 
http://mail.python.org/mailman/options/mailman-users/archive%40jab.org

Security Policy: http://wiki.list.org/x/QIA9

Reply via email to