tons of spam
Todd Zullinger
tmz at pobox.com
Tue Jun 19 16:00:12 UTC 2007
Tim wrote:
>>> Making it harder for robots to subscribe themselves.
>>> Not supplying lists of members on demand.
>>> Munging e-mail addresses written in message bodies.
>>> Removing personal addresses from to, CC, reply-to, and from headers.
>
> The first two points are things that many e-mail lists should do by
> default. The first even one reduces its workload. The second one
> is not the default action of this mailing list. You have to log in
> and set an option to keep your e-mail address from being supplied on
> demand. List-admins are the only ones that need to be able to grab
> a list of members.
Currently, only list administrators can get the members for this list.
See the text at the bottom of the listinfo page:
fedora-list Subscribers
(The subscribers list is only available to the list administrator.)
If you can get the member list without knowing an admin password, then
you've found a hole in Mailman or in the setup of the redhat.com list
server. :)
Regarding the first point, you do have to reply with a confirmation
string that is emailed to you. So you have to provide a valid address
to get subscribed. That's not fool proof, but it should dissuade most
bots from subscribing.
--
Todd OpenPGP -> KeyID: 0xBEAF0CE3 | URL: www.pobox.com/~tmz/pgp
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Despite the high cost of living, it remains a popular item.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 542 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/fedora-list/attachments/20070619/053e7c7a/attachment-0001.sig>
More information about the fedora-list
mailing list