LISTSERV - LSTOWN-L Archives - COMMUNITY.EMAILOGY.COM

LSTOWN-L Archives

LISTSERV List Owners' Forum

LSTOWN-L

	LISTSERV Archives
	LSTOWN-L Home

	Log In
	Register

	Subscribe or Unsubscribe

	Search Archives

Options:	Use Monospaced Font Show Text Part by Default Show All Mail Headers
Topic:	[<< First] [< Prev] [Next >] [Last >>]

Re: Fwd: Risks of bouncing messages from closed e-mail lists

Paul Karagianis <[log in to unmask]>

Wed, 16 Feb 2000 12:14:25 -0500

text/plain (16 lines)

On 16 Feb 00, at 10:24, Mike Yuhas quoted from Risks:

>However, there is a more serious vulnerability here: infinite loops
>between two or more closed lists.
>
>If an attacker forges the originating address of a closed list that sends
>back automated rejection notes to another closed list that sends back
>automated rejection notes, then each forged message will generate a
>mailstorm as a function of the speed of the servers in sending bounce
>messages to each other.

Listserv is RFC1123 compliant and bounces with a null "return-path"
that it won't bounce to if it's also on the receiving end.  Right?

                                                    -Kary

ATOM RSS1 RSS2

COMMUNITY.EMAILOGY.COM