On 2020-08-21 at 09:23 +0200, Norbert Bollow via mailop wrote:
> On Fri, 21 Aug 2020 10:03:48 +0300 Lena wrote:
>
> > > I have searched a few emails, but fail to see why they would be a
> > > target. Maybe only a few of them are the real targets, with other
> > > addresses being added in order to
On 2020-08-21 03:23, Norbert Bollow via mailop wrote:
Maybe the idea behind that bot is that filling in the "email" field
with a real-looking email address might lead to being granted read
access to mailing list archives which could then be scraped for email
addresses to increase the target list
On Fri, 21 Aug 2020 10:03:48 +0300
Lena--- via mailop wrote:
> > I have searched a few emails, but fail to see why they would be a
> > target. Maybe only a few of them are the real targets, with other
> > addresses being added in order to conceal those?
>
> I suspect that the bot is spamming r
> I have searched a few emails, but fail to see why they would be a
> target. Maybe only a few of them are the real targets, with other
> addresses being added in order to conceal those?
I suspect that the bot is spamming random web-forms
like various bots try to spam my guestbook with ads with li
On 2020-08-19 at 19:49 +0800, Philip Paeps via mailop wrote:
> On 2020-08-19 17:51:51 (+0800), Andy Smith via mailop wrote:
> > Since yesterday I've been seeing a large number of attempted
> > subscriptions to all the public lists on one of my Mailman servers.
> > There's so far been 160 attempt
Hey,
my initial check was
Aug 18 09:50:53 2020 (7596) berlin: pending lywlo...@gmail.com 202.211.87.136
The IP comes from Japan with the same user agent.
These were the next requests on my host:
Aug 18 10:36:56 2020 (14780) kamikaze: pending fislisrb...@outlook.com
182.30.40.234
Aug 18 12:
After having thwarted additional attacks (thanks for the hint about
SUBSCRIBE_FORM_SECRET!) I looked at our mailman logs
to see if everything is quiet now, and to find patterns.
Apparently the initial check was from a serbian IP address:
Aug 18 10:01:55 2020 (8184) : pending mmc49...@eoopy.com
Hi,
On Wed, Aug 19, 2020 at 07:53:43PM +0800, Philip Paeps via mailop wrote:
> On 2020-08-19 18:24:30 (+0800), Andreas Schamanek via mailop wrote:
> >BTW, Mailman mm_cfg.py option `SUBSCRIBE_FORM_SECRET` apparently mitigates
> >the DoS, too.
>
> We've also had some success in the past with raisin
On 2020-08-19 18:24:30 (+0800), Andreas Schamanek via mailop wrote:
On Wed, 19 Aug 2020, at 09:51, Andy Smith via mailop wrote:
Since yesterday I've been seeing a large number of attempted
subscriptions to all the public lists on one of my Mailman servers.
(...)
I can confirm this for my serv
On 2020-08-19 17:51:51 (+0800), Andy Smith via mailop wrote:
Since yesterday I've been seeing a large number of attempted
subscriptions to all the public lists on one of my Mailman servers.
There's so far been 160 attempted subscriptions for 69 unique email
addresses.
I see some of this on F
Hello,
seeing this here, too.
But I did only receive a small number of requests (about 100 in the last day).
Every IP I find in the logs connects only once to try to subscribe.
The IP addresses are registered for 5 different providers in the US.
Thanks for the UserAgent workaround.
Cheers
On Wed, 2020-08-19 at 12:24 +0200, Andreas Schamanek via mailop wrote:
> On Wed, 19 Aug 2020, at 09:51, Andy Smith via mailop wrote:
>
> > Since yesterday I've been seeing a large number of attempted
> > subscriptions to all the public lists on one of my Mailman servers.
> > (...)
>
> I can conf
On Wed, 19 Aug 2020, at 09:51, Andy Smith via mailop wrote:
Since yesterday I've been seeing a large number of attempted
subscriptions to all the public lists on one of my Mailman servers.
(...)
I can confirm this for my servers from top to end including some of
the hashes.
BTW, Mailman m
Am 19.08.20 um 11:51 schrieb Andy Smith via mailop:
> Hi,
>
> Not sure if this is the best place to mention this, but…
>
> Since yesterday I've been seeing a large number of attempted
> subscriptions to all the public lists on one of my Mailman servers.
> There's so far been 160 attempted subscript
Hi,
Not sure if this is the best place to mention this, but…
Since yesterday I've been seeing a large number of attempted
subscriptions to all the public lists on one of my Mailman servers.
There's so far been 160 attempted subscriptions for 69 unique email addresses.
These addresses never compl
15 matches
Mail list logo
