Re: [Mailman-Users] Help with abusive user...
Trent Fisher wrote: >I have a big problem, and I am hoping someone here has some advice... I have a >person on my mailing list who has been very abusive, but has recently taken a >turn to the creepy (I would call it cyberstalking), and so I have been trying >to eject him from the list. Other responders have given good advice. I just want to address a few technical issues. >Then I set new subscribers to be moderated by default. Then after a pause of >a week or so, he starts posting again. But he cannot as only members may post >to the list. Looking at the email headers it is clear that he must be forging >the email messages to look, to the casual observer, like they are going >through the mailing list, but his messages lack the proper "Reply-To" and all >the "List-*" headers... but he is somehow "on" the mailing list to be getting >the messages to respond to. Does your list have archives? If he is a member, even with delivery disabled, he can visit archives, and if archives are public, anyone can visit them. Is your list roster available to anyone, list members, or only the admin? >So, I set all recent subscribers to "nomail", under the assumption one of them >is him. But his posts (that is, replys to mailing list messages) continue. >So he still has an address on the list, but I cannot figure out which one. > >Here's something weird: someone subscribed a week or so ago, but I cannot find >them on the web interface. I get both subscribe and unsubscribe >notifications, so I know he didn't unsubscribe. Could this guy be exploiting >a bug? Prior to Mailman 2.2 which isn't released yet, changes of address are not logged, so he subscribed and then changed his address. -- Mark Sapiro <[EMAIL PROTECTED]> The highway is for gamblers, San Francisco Bay Area, Californiabetter use your sense - B. Dylan -- Mailman-Users mailing list Mailman-Users@python.org http://mail.python.org/mailman/listinfo/mailman-users Mailman FAQ: http://www.python.org/cgi-bin/faqw-mm.py Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/ Unsubscribe: http://mail.python.org/mailman/options/mailman-users/archive%40jab.org Security Policy: http://www.python.org/cgi-bin/faqw-mm.py?req=show&file=faq01.027.htp
Re: [Mailman-Users] Help with abusive user...
Are you sure that he's receiving the list emails directly? Is it possible that he has a confederate or sympathizer on the list who is forwarding him the original list emails that he is then forging replies to? I would double-check to make sure that even list members cannot see the addresses of other list members, because he may have gotten the email addresses that way. Your original idea of a 'red herring' message with a per-address uniquie identifier is theoretically sound, but it would have to be a message such that it would entice your abusive user to respond to it in order to find your 'leak'. The other responses have the best approach I think. If you don't have Terms of Service already that people had to agree to, then you need to retroactively come up with some, inform your users and require that they respond in the affirmative to the new rules or they're removed from the list. Then if the abuse continues, you definitely need to bite the bullet and move this towards legal action. I think this is especially true depending on what activities of the person lead you to categorize it as cyberstalking. -- Mailman-Users mailing list Mailman-Users@python.org http://mail.python.org/mailman/listinfo/mailman-users Mailman FAQ: http://www.python.org/cgi-bin/faqw-mm.py Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/ Unsubscribe: http://mail.python.org/mailman/options/mailman-users/archive%40jab.org Security Policy: http://www.python.org/cgi-bin/faqw-mm.py?req=show&file=faq01.027.htp
Re: [Mailman-Users] Help with abusive user...
On Mon, 31 Jul 2006 12:35:41 -0400 Tom Ray <[EMAIL PROTECTED]> wrote: > Trent Fisher wrote: > > I have a big problem, and I am hoping someone here has some > > advice... I have a person on my mailing list who has been very > > abusive, but has recently taken a turn to the creepy (I would > > call it cyberstalking), and so I have been trying to eject him > > from the list. > > > > > > No matter what you need to contact his ISP and get them to do > something and you need to not be nice about it. ISPs won't take > the risk of legal action being brought against them and will > generally remove the customer from their services. > > Let me know what happens. I've been in a similar situation. I'd certainly follow the advice of Tom. In the meantime I'd put the list on full moderation. If it's a large list with lots of traffic, enlist the help of some trustworthy members who can help moderate. Arrange with those people on the QT, then send an email to members explaining the situation (without details), then set to full moderation and deal with the problem child. Once it's all been dealt with, remove moderation and thank everyone for their cooperation. Whatever you do may cause some people to leave your list. But, it's a much better alternative than to allow this person to totally destroy what you've worked so hard to create ... a community of like-minded people. -- Raquel When you're finally up on the moon, looking back at the earth, all these differences and nationalistic traits are pretty well going to blend and you're going to get a concept that maybe this is really one world and why the Hell can't we learn to live together like decent people? --Frank Borman, American astronaut -- Mailman-Users mailing list Mailman-Users@python.org http://mail.python.org/mailman/listinfo/mailman-users Mailman FAQ: http://www.python.org/cgi-bin/faqw-mm.py Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/ Unsubscribe: http://mail.python.org/mailman/options/mailman-users/archive%40jab.org Security Policy: http://www.python.org/cgi-bin/faqw-mm.py?req=show&file=faq01.027.htp
Re: [Mailman-Users] Help with abusive user...
Trent Fisher wrote: > I have a big problem, and I am hoping someone here has some advice... I have > a person on my mailing list who has been very abusive, but has recently taken > a turn to the creepy (I would call it cyberstalking), and so I have been > trying to eject him from the list. > > First, I set his address to "moderate". He promptly resubscribes with a new > email address and continues where he left off. We did a couple iterations of > that. > > Then I set new subscribers to be moderated by default. Then after a pause of > a week or so, he starts posting again. But he cannot as only members may > post to the list. Looking at the email headers it is clear that he must be > forging the email messages to look, to the casual observer, like they are > going through the mailing list, but his messages lack the proper "Reply-To" > and all the "List-*" headers... but he is somehow "on" the mailing list to be > getting the messages to respond to. > > So, I set all recent subscribers to "nomail", under the assumption one of > them is him. But his posts (that is, replys to mailing list messages) > continue. So he still has an address on the list, but I cannot figure out > which one. > > Here's something weird: someone subscribed a week or so ago, but I cannot > find them on the web interface. I get both subscribe and unsubscribe > notifications, so I know he didn't unsubscribe. Could this guy be exploiting > a bug? > > One thought I had, was to write a script to send out a specially constructed > message to each individual on the list. The message would be "forged" to > look like it came from the list, and each message would have a slight > variation which I can map back to the email address that got the message. > Then I could know which address is his. This seems like a lot of work and it > may not even work. But it's the only thought I've got at this point short of > shutting the list down. > > I have thought about contacting his ISP (Comcast) and seeing if they could > help... but I am reluctant to do this as he seems to have no end of energy > and can carry a grudge to the end of the earth... and, I have heard that he > is a lawyer! So, I have a feeling that would be a very rocky, and ultimately > futile, road to go down. > > Anyway, if anybody has any advice for how to deal with this, or any ideas, I > would be ever so grateful! > > ++thanks, > trent... > 1.027.htp > Have you warned this guy already? I don't mean just removed him from the list but sent him an email(s) that basically stated "Stop or you'll be banned" or "Hey, I warned you. You are now banned."? Is do, did he reply to any of them? I run a small hosting/ISP company and things like this can not be tolerated regardless of the rumored profession. *IF* he is a lawyer then it's even better for you because everything he is doing now to your list is considered SPAM. He's forging headers, he's sending unwanted emails to your list, etc.. The bottom line is this guy is breaking the law and you have recourse. The next big question is do you have a TOS or AUP anywhere the members of this list are supposed to follow and is viewable by the public? If you do then he is definitely violating those agreements and it's really time to stomp on this guy. From the sounds of it you've been nice and now it's time not to be nice. My advice is to go through everything you have that you know is from him and that you suspect is from him and get all the header information, mail server info, etc.. Compile a nice little file showing how this guy has abused your mailing list with SPAM, etc. and then call Comcast and anyone else he's used to do this with, get to their Abuse Dept. and do everything you can to nail this guy to the wall. You have everything you need to drive the nails in so just do it. It also might be worth it to get a consultation from a lawyer who knows about this kind of law. It will be worth the consultation fee for this and future incidents. The reason I say consult a lawyer is because if this guy really is a lawyer and is practicing in one of the 50 states, you maybe able to report him to the Bar Association. I figure they might have a problem with a lawyer breaking the law and using his position as a lawyer to do it. I can't be a 100% on that but it's something to look into. No matter what you need to contact his ISP and get them to do something and you need to not be nice about it. ISPs won't take the risk of legal action being brought against them and will generally remove the customer from their services. Let me know what happens. -- Mailman-Users mailing list Mailman-Users@python.org http://mail.python.org/mailman/listinfo/mailman-users Mailman FAQ: http://www.python.org/cgi-bin/faqw-mm.py Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/ Unsubscribe: http://mail.python.org/mailman/options
[Mailman-Users] Help with abusive user...
I have a big problem, and I am hoping someone here has some advice... I have a person on my mailing list who has been very abusive, but has recently taken a turn to the creepy (I would call it cyberstalking), and so I have been trying to eject him from the list. First, I set his address to "moderate". He promptly resubscribes with a new email address and continues where he left off. We did a couple iterations of that. Then I set new subscribers to be moderated by default. Then after a pause of a week or so, he starts posting again. But he cannot as only members may post to the list. Looking at the email headers it is clear that he must be forging the email messages to look, to the casual observer, like they are going through the mailing list, but his messages lack the proper "Reply-To" and all the "List-*" headers... but he is somehow "on" the mailing list to be getting the messages to respond to. So, I set all recent subscribers to "nomail", under the assumption one of them is him. But his posts (that is, replys to mailing list messages) continue. So he still has an address on the list, but I cannot figure out which one. Here's something weird: someone subscribed a week or so ago, but I cannot find them on the web interface. I get both subscribe and unsubscribe notifications, so I know he didn't unsubscribe. Could this guy be exploiting a bug? One thought I had, was to write a script to send out a specially constructed message to each individual on the list. The message would be "forged" to look like it came from the list, and each message would have a slight variation which I can map back to the email address that got the message. Then I could know which address is his. This seems like a lot of work and it may not even work. But it's the only thought I've got at this point short of shutting the list down. I have thought about contacting his ISP (Comcast) and seeing if they could help... but I am reluctant to do this as he seems to have no end of energy and can carry a grudge to the end of the earth... and, I have heard that he is a lawyer! So, I have a feeling that would be a very rocky, and ultimately futile, road to go down. Anyway, if anybody has any advice for how to deal with this, or any ideas, I would be ever so grateful! ++thanks, trent... -- Mailman-Users mailing list Mailman-Users@python.org http://mail.python.org/mailman/listinfo/mailman-users Mailman FAQ: http://www.python.org/cgi-bin/faqw-mm.py Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/ Unsubscribe: http://mail.python.org/mailman/options/mailman-users/archive%40jab.org Security Policy: http://www.python.org/cgi-bin/faqw-mm.py?req=show&file=faq01.027.htp