Tue, 23 Jan 1996 16:40:21 CST
|
On Tue, 23 Jan 1996 16:46:38 EST you said:
>Hmm, why don't you just add *@WINTERNET.COM to your Filter= ? :)
>
>Nathan
>
This probably belongs only on SPAM-L but since it was on LSTOWN-L
I wanted to add a word of caution:
[log in to unmask] was a VICTIM of mail bombing as far as I can
tell. But then I haven't heard from the LISTSERV sites which were
distributing the commands (UICVM and GWUVM) so I am not sure what
their logs show. The domain administrative contact got back to me
right away asking if we had lot info (we didn't since it came in as a
job). But I did explain how to do a netwide signoff so that may be
the signoff folks saw. (Heck, I didn't even think root would be added
because it is on the excluded list, but apparently that is bypassed
when the command comes in as a job).
Anyway, please use some restraint in filtering a whole domain
without proof of where the attack really originated. I know Nathan
isn't the type to shoot first and ask questions later but it is easy
to fall into that trap. And then again, maybe he knows something I
don't about the address... ;-) Adding [log in to unmask] would be
less restrictive.
Marty
PS: Calling a list a listserv is like calling a twig a rose...
|
|
|