> [Original Message]
> From: NoOp <[EMAIL PROTECTED]>
> To: <[email protected]>
> Date: 10/4/2008 7:41:02 PM
> Subject: [users] Re: openoffice.org - Malicious Third-Party Subscription
>
> On 10/04/2008 04:35 PM, Barbara Duprey wrote:
>
> >
> > In a related post, I asked what people thought about just eliminating
> > the "goodbye" confirmation. I don't think malicious unsubscribes are
> > either likely or particularly harmful, and it would be much easier to
> > deal with malicious subscribes. The unsubscribe process could send a
> > message, but not require response, and that would mean that once the
> > subscription account was known, anybody could do the unsubscribe. So
> > when we got one of these "please unsubscribe me" posts, we could just
do
> > it, or tell an apparently unsubscribed OP to look at a full message
> > header to identify the subscriber, then use the
> > [EMAIL PROTECTED] to unsubscribe. Haven't
> > heard any response to that idea yet.
>
> I think that is not a good idea. Without the "goodbye" confirmation
> anyone could possibly unsubscribe you, or anyone else on the list.
>
> Malicious subscribes can only occur if someone has control of an account
> and can respond to the "you have subscribed" confirmation email. If
> someone has control of the email account and is using it to subscribe it
> to mailing lists it is already too late; the email account has been
> already compromised, and should be discarded or the user should have the
> email account password reset & monitored by the email account provider.
>
> The Chuck case is a little confusing, but not altogether unusual. He
> claims that his sbcglobal account was compromised, then a gmail account
> that does not belong to him is forwarding list emails to his sbcglobal
> account:
>
> > Please delete/unsubscribe the email address [EMAIL PROTECTED]
> > from all Google lists. This is NOT my email address and is an
> > address used to harass my business. I would like to know where this
> > email originates so that I can pursue legal action.
> >
> > My email address [EMAIL PROTECTED] has been hijacked by
> > this emailer where I have been forwarded hundreds of lists to my
> > business clogging up my mailbox for the past several weeks.
> >
> > Chuck Evans
>
> 1. First off he should take the issue to the provider of the
> [EMAIL PROTECTED] account (Google) and file an abuse request that
> all email from that account stop forwarding to his sbcglobal account.
>
> 2. He should simply log into his AT&T (sbcglobal.net) account and
> blacklist [EMAIL PROTECTED] and and tag [EMAIL PROTECTED]
> as spam. Note my posting address; I have an sbcglobal.net account so I
> know how easy it is to block emails from any particular email address.
>
> 3. He should realize that his email address [EMAIL PROTECTED]
> hasn't been hijacked by anybody and that the issue seems to be the
> forwarded emails from [EMAIL PROTECTED] to
> [EMAIL PROTECTED]
>
> So now Chuck is trying to unsubscribe [EMAIL PROTECTED], and that
> email address does not belong to him, at least according to his
> postings. He apparently hadn't figured out how to simply unsubsribe
> [EMAIL PROTECTED] (he was still posting via that email
> address in all of his unsubscribe spam). Had he done that (and he
> obviously knows the password to that account) and then
> blocked/trashed/dev-nulled any and all emails from
> [EMAIL PROTECTED] we wouldn't be having this discussion.
>
> What if Chuck thought that Barbara Duprey or NoOp were the culprit and
> tried to unsubscribe us instead? Without a "goodbye" email we'd be
> dropped from the list and have to spend our time trying to get things
> sorted out to get subscribed again. What if as soon as we subscribed
> again the same culprit unsub'ed us again, and again, and again? I know
> that I'd be pretty pissed off if that happened & figure that you would
> as well.
>
> In the end Chuck's hot sauce products look pretty good... but the issue
> with the list is entirely his own problem. Too bad that we probably
> can't get him back as a valid OOo user - looks like he could actually
> use & probably appreciate OOo for his business were circumstances
different.
>
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
