LISTSERV - LSTSRV-L Archives - COMMUNITY.EMAILOGY.COM

LSTSRV-L Archives

LISTSERV Site Administrators' Forum

LSTSRV-L

	LISTSERV Archives
	LSTSRV-L Home

	Log In
	Register

	Subscribe or Unsubscribe

	Search Archives

Options:	Use Monospaced Font Show Text Part by Default Show All Mail Headers
Topic:	[<< First] [< Prev] [Next >] [Last >>]

Re: Messages to Send= Private lists from alleged non-subscribers?

Margaret King <[log in to unmask]>

Fri, 27 Jul 2007 10:45:43 -0400

text/plain (54 lines)

One of our list owners has complained about spam and
forwarded me some of those "dadisman" messages.  In his
case, the lists are moderated and so the messages are
coming to him for approval and he of course is not
approving them, so it is just an annoyance for him.  I
don't know whether Listserv thinks they are subscribers
because on these particular lists the messages would go
to the moderator either way.  I haven't had time to do
much investigation on it but I wanted to say that yes,
[log in to unmask] has been sighted here too.

Margaret King
Michigan State University

On Thu, 2007-07-26 at 15:59 -0500, Marty Hoag wrote:
>     I used to administer LISTSERV(tm) here long ago but the
> current administrators came to me and I volunteered to check
> with this list. We're having some mysterious behavior lately.
> I just wanted to send a quick note to see if anyone else has
> seen this or it is an old problem. We've just started looking
> into this.
>
>     We've had a couple of Spamcop complaints which seem to be
> associated with messages to lists with Send= Private but
> from "non-subscribers".
>
>     When investigating it the administrators saw many (hundreds?)
> of log entries (e.g., confirmation requests) from addresses in
> the form   [log in to unmask]  where xxx, YYY, and ZZZ
> would vary some throughout the day but the "dadisman" part
> seemed to stay the same. The e-mail to the lists came
> from those same sorts of addresses but when we looked at
> the list they were no longer subscribed. We're still
> checking to try to see if they were momentarily subscribed
> then signed off. Apparently some of the lists were set up
> for Open,Confirm subscriptions and some By_Owner.
>
>     We think the affected lists are Confidential=No or "public"
> (most of ours are Yes). Looking at our SMTP mailscanner front
> end system (before the mail is passed on to LISTSERV) it appears
> there were hundreds of requests and a wide range of IP address
> origins for the e-mail so it may be some sort of bot activity.
> We don't have changelogs on most of our lists but we will do
> some more checking to see if we can figure out how the actual
> message is getting out (the headers look legitimate and the "bogus"
> messages were apparently in the archives of the lists checked).
>
>     Have any of the rest of you seen something like this
> lately? If this is old news I apologize but in a quick search
> of the LSTSRV-L I didn't seen anything that matched.
>
>     Thanks!  marty
>

ATOM RSS1 RSS2

COMMUNITY.EMAILOGY.COM