On 05/16/2017 08:17 PM, Daniel Kahn Gillmor wrote:
>
> surely it's easy for an attacker to guess moderation-free sender
> addresses by a quick scan of the list archives as well.
Only if there are public archives.
I realized I am more or less immune from this attack for my several
production lis
On Tue 2017-05-16 13:29:21 +0100, Jonathan Knight wrote:
> I think the real name if its available and the list owner address if not.
> If you use the local part (e.g. j.knight) would still make it possible to
> guess the @keele.ac.uk if the mailing lists are all hosted on
> maillists.keele.ac.uk.
Hey Abhilash!
On 05/14/2017 08:18 AM, Abhilash Raj wrote:
>> - As it was proposed on this list a plugin-like implementation of
>> encrypted mailing lists is really the only way to go forward here,
>> as just pushing in what might end up being a rather niche feature
>> into Mailman Core is not mai
Hi,
I need to use the text of "description or information filed" used to
describe the mailinglist and put this information in the firsts lines
e-mail. Like the credits but on head of email.
How I can do it?
Thank's a lot
___
Mailman-Developers mailing l
Hi Barry
I think the real name if its available and the list owner address if not.
If you use the local part (e.g. j.knight) would still make it possible to
guess the @keele.ac.uk if the mailing lists are all hosted on
maillists.keele.ac.uk.
I can't think of a better solution.
Jon.
On 16 May 2
On May 16, 2017, at 09:29 AM, Jonathan Knight wrote:
>There's not a lot that can be done to protect against that other than
>changing the "list is run by" so that the administrators real email address
>isn't obvious.
I suppose we should either use the moderator's real name, or just the local
part
Mark is right.
The spamming process was to scrape the listinfo page and locate the "list
is run by" line and then de-obfuscate the "j.knight at keele.ac.uk" into "
j.kni...@keele.ac.uk". Then an email was faked using j.kni...@keele.ac.uk
as the sender to see if the list is either unmoderated or w
