Am 19.08.20 um 11:51 schrieb Andy Smith via mailop: > Hi, > > Not sure if this is the best place to mention this, but… > > Since yesterday I've been seeing a large number of attempted > subscriptions to all the public lists on one of my Mailman servers. > There's so far been 160 attempted subscriptions for 69 unique email addresses. > > These addresses never complete the process to sign up, and indeed > email delivery to many of these addresses is currently temporarily > rejected as they are receiving emails at too high a rate.
I've seen them too, apparently most are hosted with Colocation America (AS21769), some with RELIABLESITE if that's the right name (AS23470). Had to disable Mailman web access. The goal is apparently to spam the "subscribing" addresses through the Mailman responses which apparently include a "name" given by the bot which is most likely just a spam link. This kind of spam has been going on for a while using normal contact web forms, some of the Sendgrid spam was caused by this, too. Spamming through abuse of regular services instead of renting hosts or utilizing botnets directly seems to be a trend, maybe blocking dynamic IPs and spammer-friendly hosters does have an effect. However, since I reject dynamic IP and spammer-friendly hosting myself pretty reliably, it's possible that the residue of spam stuill getting through is of this different kind. Cheers, Hans-Martin _______________________________________________ mailop mailing list mailop@mailop.org https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop