Re: [mailop] How to respond to a subscription attack

Thu, 27 Jun 2024 20:48:35 -0700 

On 6/27/24 20:35, Richard Clayton via mailop wrote:
this is "list bombing" and is done to simply annoy, or more often to hide some other message (about an unusual login, or money (or domain!) transfer) 

ACK

I didn't want to open a new thread with "bomb" in it.  <ASCII shrug>


some simple advice to a victim is to check their Amazon (etc) 
order status...



Good ideal.  Thank you.  I'll pass that on to the friends who own and 
run the small mom & pop ISP.  --  They are long time friends and I help 
them from time to time.



that could mean they don't see the message which the attacker hoped 
to hide in the general mess -- viz: it's not the best approach IMO


I completely agree.


The mail queue was already five times the largest record and quickly 
growing.  Multiple big recipients were starting to delay delivery.  I 
expect that there will be forthcoming ramifications like temporary RBL 
listing.  It's a small server and the user account in question was 
forwarding to a big mail provider.



I felt the need to stem the tide to protect the rest of the users on the 
server and mitigate likely potential damages.  I hope that my choice was 
the lesser of the evils.



you could complain to the senders .. people who still have sign-up 
webpages and similar which don't have CAPTCHAs (or other tricks) 
to avoid robotic usage need to have the issue drawn to their attention


I thought that would be the case.


I know that if one of the systems I (help) run participated in something 
like this I would want to know to try to avoid doing so again in the future.



depends how public spirited you feel !



It's my friend's company and thus his company's data.  Being email 
addresses, there's some identification information in it.  So my friend 
would need to sign off and we would need to be careful about what is 
released and where it's released.



That being said, I know that my friend would be willing to spend some 
time to help the email community at large.


Thank you for the reply Richard.



--
Grant. . . .



Attachment:
smime.p7s

Description: S/MIME Cryptographic Signature


_______________________________________________
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop






















					Reply via email to