Tue, 20 May 2003 15:28:48 -0400
|
At 15:07 05/20/2003 Tuesday, Wes Anderson wrote:
>We have since changed the Send parm to Send=Editor,Hold,Confirm.
Good thinking!
>Note also that the list is re-generated through a bulk-load process.
>Subscribers cannot subscribe or change their settings, so it seems that the
>Validate parm is not as critical as would be the case if subscribers were
>allowed to manage their accounts.
[They are unable to manage NOPOST as an everyday subscriber.]
>The current configuration looks like this:
>
>Subscription= By_owner
>Ack= Yes
>Confidential= Yes
>Validate= No
>Reply-to= [log in to unmask]
>Review= Owners
>Editor= xxxxxx @pharmacists.ca
>Send= Editor,Hold,Confirm
>Errors-To= Owner
>Owner= xxxxxx @pharmacists.ca
>Default-Options= NOPOST
>Notebook= Yes,e:\sites\listserv-cpha.inf.ca,Monthly,Owner
>Change-Log= Yes
>
>Also, we are trying to determine who the spammer is and how they managed to
>send this e-mail. Does anyone have any experience in this area? The
>manager of our Listserv says there was a virus that generated the e-mail but
>it's still not clear how a virus could find the admin account to post to
>this list. Any ideas?
It did NOT need to affect/infect the admin account -- just some poor
person somewhere on the Internet who's system spoofed your admin
account xxxxxx @pharmacists.ca
I have several more recommendations:
ADD a keyword
MODERATORS= ALL,[log in to unmask],[log in to unmask]
Update your EDITOR= to add the secondary moderator
Make sure that that [log in to unmask] and
[log in to unmask] are subscribed and that the following
commands have been issued:
SET listname REV FOR [log in to unmask] PW=????
SET listname REV FOR [log in to unmask] PW=????
You might consider updating your templates so that the auto-acks to
NOPOST responses are suppressed. This is very nice so that you are not
bothered by bounces of spoofed (and non-existent) posters who's mail is
rejected by the list and then bounces back to the ERRORS-TO address.
We use this precise config on a particular daily announce-only list and
are NOT bothered by spoofed email being distributed to valued customers.
/Pete
|
|
|