> > A whole new bunch of forged subscriptions came in the last 24 hours.
>
> I may be asking stupid questions, but how do you know these are forged?
It's certainly not a stupid question. It becomes harder and harder to
see, and there will be a moment when the only way to know is a message
from the user "WHY AM I ON THIS LIST??? GET ME OFF!!!" or something like
that. I know at this moment the addresses are forged, because all forged
subscriptions come through a number of servers that are the same for
each group of forgeries. Apparently the forgers hacked some accounts
they use over and over again.
Secondly, I go over the list of new subscriptions to my lists once a day
and take a close look at the new ones. If they seem strange in some way,
I take a look at the Web page of the organizationor test if the user
exists (and has the same name as subscribed) with a SMTP VRFY at the server
(if allowed). I can go even as far as asking whether the user really wanted
to subscribe, and if not, he was probably subscribed by a hacker.
Subscription confirmation helps a little bit, but the forgers also issue
lots of "INFO" commands for the lists, to be sure the mailboxes overflow.
So, I rather catch the e-mails before they make it to the list processing
system.
Kind regards,
Alexander Verbraeck.
-----------------------------------------------------------------
Dr. Alexander Verbraeck Delft University of Technology
Department of Systems Engineering, Policy Analysis and Management
Jaffalaan 5 P.O. Box 5015, 2600 GA Delft The Netherlands
Tel: +31 15 2783805 Secr: +31 15 2788380 Fax: +31 15 2783429
e-mail: A.Verbraeck@sepa.tudelft.nl List manager BPR-L, DYNMOD-L
http://www.sepa.tudelft.nl/~alexandv/ See also ..../bpr-l.html
-----------------------------------------------------------------
References:
|
|
