art333
Kurt Cockrum
kurt
Mon May 24 15:32:05 PDT 1999
In-Reply-To: <v03110705b36f09a2afa3@[168.191.230.170]>
References: <199905241704.KAA24412 at grogatch.seaslug.org>,
<Pine.SUN.3.96.990524114100.12087D-100000 at scn>
Dave Levinger said:
>For spam protection on SCN lists, the easiest form of spam prevention is to
>only allow postings from list members, with approval required by the
>moderator for non-members' postings.
I think that's how the hardware list is configured and has been.
I believe that it's the default anyway for all the lists.
Non-member *postings* were never an issue, AFAIK. Judging from
the mj log entry I posted earlier (most of you never saw that, since it
was directed to hardware only; see below), where art333 got our mj help speil,
they were apparently able to exploit vulnerabilities we don't know anything
about. User activity *is* being logged:
May 23 23:01:50 scn majordomo[15169] {art333 at collegemail.com} help
If he joined any lists, we'd see it. Unless the guy's so good he's
*selectively* editing the logfile, *leaving* his help-request, but *deleting*
the list-joining traces. That seems kinda far-fetched to me...
I did find a bunch of world-read perms in a bunch of mailing lists, which I
fixec, but *some* of the spammed lists *didn't* have world-read perms.
So that wasn't the exploit.
--kurt
* * * * * * * * * * * * * * From the Listowner * * * * * * * * * * * *
. To unsubscribe from this list, send a message to:
majordomo at scn.org In the body of the message, type:
unsubscribe scn
==== Messages posted on this list are also available on the web at: ====
* * * * * * * http://www.scn.org/volunteers/scn-l/ * * * * * * *
More information about the scn
mailing list