Summary: | Gentoo-hardened email list possibly compromised | ||
---|---|---|---|
Product: | Gentoo Infrastructure | Reporter: | Tobias Hahn <tobhahn> |
Component: | Mailing Lists | Assignee: | Gentoo Infrastructure <infra-bugs> |
Status: | RESOLVED INVALID | ||
Severity: | major | CC: | rbu |
Priority: | High | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | http://marc.info/?l=gentoo-hardened&m=121169291127556&w=2 | ||
Whiteboard: | |||
Package list: | Runtime testing required: | --- |
Description
Tobias Hahn
2008-05-25 14:42:59 UTC
Reassigning to Infra. You're on crack and overreacting. It is not a compromise nor misconfiguration. It's called spam. Lots of lists can be easily spammed by having the spammer send mail to auto-responder forging both the subscription address AND the list itself (two separate mails). 1. Spammer mails $LIST-subscribe, forging the envelope "MAIL FROM: $AUTORESPONDER" AND the From header. 2. List sends a confirmation to the auto-responder. 3. Autoresponder returns the original confirmation mail inline, now subscribing itself to the list. 4. Spammer mails $LIST, doing the same forging as before, and the mail is delivered to the entire list. In any case, you're way too slow. I unsubscribed and blacklisted that auto-responder when it was reported to me yesterday. |