[Full-Disclosure] Mailing lists and unsolicited/malicious spam

From: n3td3v (xploitable_at_gmail.com)
Date: 11/26/04

  • Next message: Dan Davis: "Re: [Full-Disclosure] Fwd: Hi, It's Me !!!!!" 
    To: full-disclosure@lists.netsys.com
Date: Fri, 26 Nov 2004 00:38:17 +0000

    How many people are actually subscribed (on FD) and what are the
    general figures for subscribers for high profile mailing lists, has
    any figures ever been released? And would the theft of the list of
    e-mails subscribed be of value to spammers? I think it would be, I
    hope FD admin is up to date with and keeping tracks of bugs as the
    rest of us. If malicious hackers/script kiddies got hold of the list,
    I think they would be able to attack a good percentage of inboxes with
    whatever they send. Weather it be porn spam or a phishing to take
    passwords or if it be malcious code to take advantage of POP mail
    clients via SMTP.

    I think already FD is targeted by spam/phishing hackers who wish to
    collect e-mail addresses for further exploration. Perhaps posting on
    FD could be a security risk in itself (well not just FD but mailing
    lists online in general) as far as POP mail clients and SMTP is
    concerned. (web-based e-mail has its own problems which usually don't
    have the risk of taking over computers like mail clients do. Usually
    web-based e-mail is just at risk from xss/cookie disclosure/account
    theft, whereas malicious code sent to mail clients can take over whole
    computer systems)

    For those of you who already have a "mailing list only" e-mail address
    and a seperate address for work related/corporate/company matters, do
    you see a different level of unsolicited spam, compared to the work
    address or other private e-mail address for friends and family? I'm
    thinking about setting up the same myself, just for experimental
    reasons! I think i'll find some differences between the two.

    Sorry if you don't care about anti-spam, but its something i'm
    interested in. Sorry to all the script kiddie hax0rs who don't like me
    working against you and your e-mail collecting bots!

    Plus, do FD admin and other high profile mailing lists have honey pots
    or similar methods to catch FD/mailing list born spam? I believe a big
    mailing list can have its own domestic/internal spam, seperate from
    the general internet who are not subscribed to the given mailing list
    or lists, and even different mailing lists having its own group of
    spammers targeting them, with its own nature of spam/phish/malicious
    code exploration.

    Thanks,
    n3td3v

    _______________________________________________
    Full-Disclosure - We believe in it.
    Charter: http://lists.netsys.com/full-disclosure-charter.html

  • Next message: Dan Davis: "Re: [Full-Disclosure] Fwd: Hi, It's Me !!!!!"

    Relevant Pages

    • RE: bogofilter ate 3/5
      ... Subscribers subscribing one address ... respond to spam as well (well, unless you put a spam filter ... I'm sure there are some people that don't run mailing lists that would love to call this behavior 'bad'. ... I find it highly ironic that spam blocker services tell you not to use certain techniques (autoresponders, bounce messages) that are not only commonplace, but precedented and even mandated by RFC on the grounds that they may cause you to be blocked. ...
      (Linux-Kernel)
    • RE: [Full-Disclosure] Mailing lists and unsolicited/malicious spam
      ... Mailing lists and unsolicited/malicious spam ... general figures for subscribers for high profile mailing lists, ... have the risk of taking over computers like mail clients do. ...
      (Full-Disclosure)
    • Re: [Full-Disclosure] Mailing lists and unsolicited/malicious spam
      ... > at their house) have very in-depth spam filters and programs to weed out ... that I started recently and only use for mailing lists. ... >> taking over computers like mail clients do. ...
      (Full-Disclosure)
    • asp.net Mailing List software/components
      ... Can anyone recommend an asp.net mailing list system that we could attach to ... We're looking for a tool that can maintain multiple mailing lists, ... when we update certain content on the web site via the CMS). ... - ability for subscribers to sub/unsub themselves online ...
      (microsoft.public.dotnet.framework.aspnet)
    • Re: An Amazing Fact
      ... Yet, for example, most mailing lists send RAVs and do not ... >>suffer for subscribers. ... >>just can't design negative filters that can reliablly, over time, tell the ...
      (comp.os.linux.misc)