LISTSERV - LSTOWN-L Archives - COMMUNITY.EMAILOGY.COM

LSTOWN-L Archives

LISTSERV List Owners' Forum

LSTOWN-L

	LISTSERV Archives
	LSTOWN-L Home

	Log In
	Register

	Subscribe or Unsubscribe

	Search Archives

Options:	Use Monospaced Font Show Text Part by Default Show All Mail Headers
Topic:	[<< First] [< Prev] [Next >] [Last >>]

Re: Posts from the unsubscribed masses getting to moderator's mailbox

Kevin Parris <[log in to unmask]>

Sun, 7 Sep 2003 17:04:29 -0400

text/plain (62 lines)

Not really.  Spoofing email is quite easy, but you may never encounter
it maliciously - depends (mostly) on whether or not there is anyone out
there who bears a grudge against your list population.

On the other hand, depending on the technological awareness of your
population, you may encounter it quite painfully if one or more of your
subscribers allows a worm or virus to infect their computer.  The recent
Sobig outbreak was, for the site I administer, fairly selective. Lists
where the subscribers are in the computing/technology business had few
or no "hits" from incoming virus mail, but lists that include many
people who use a computer but are not "computer types" had a lot of
bothersome traffic.  One particular infected machine was producing
copies of Sobig at the rate of 6-10 messages per minute - and that's
just the ones directed to my site, I have no idea how many it was
sending to other places at the same time.

So your plan to validate all subscribers and trust them to behave is,
generally, fairly sound.  But the only way, so far as I know, to really
be sure your lists don't distribute one or another of the virus/worm
annoyances out there, that generally spoof addresses, is to moderate the
list.  Activating the LISTSERV(tm) virus detection feature will help
quite a bit, but that particular tool is only as good as the most recent
signatures update so there is a window of opportunity for the next new
bug that comes out - but this is true of every virus detection product
on servers or desktops or whatever.

>>> [log in to unmask] 09/07/03 01:12PM >>>
In a message dated 9/5/2003 8:44:08 AM Central Daylight Time,
[log in to unmask] writes:

> At 17:31 09/04/2003 Thursday, John Mack wrote:
> >I followed these instructions for a list that I moderate. It works
> >fine. The only thing is I have to approve my own messages -- I
haven't
> >set my subscription options to NOREV.
>
> There is at least one advantage in keeping yourself in REVIEW mode --
it
> makes it harder for someone (or thing, like broken bounce
mechanisms)
> from spoofing your submission address.
>
> /Pete
>

Folks

Speaking strictly as an amature here, in order to attempt to prevent
SPAM, we "confirm" every subscription.  We do not "review" or moderate
the messages.

We assumed that those who were confirmed will not spam and no one can
spoof onto our list. Of course, we cannot prevent an authorized
subscriber from spamming, but as a group of high school alumni we didn't
imagine anyone would spam our list and have their identiy be known as
they did so.

Aside from "trusting" our subscribers ::)) are these other assumptions
correct?

Stan

ATOM RSS1 RSS2

COMMUNITY.EMAILOGY.COM