The Spam Diaries

News and musings about the fight against spam.
 by Edward Falk

Wednesday, March 15, 2006

Spammers exploiting mailing list servers in a new way

New to me, anyway. Spammers bundle their spam into a subscription request or other message that will generate a bounce or some other automated reply, and send it to a mailing list server at a reputable site. The server then sends the response, with embedded payload, back to the puported sender. It's a new form of relaying.

Why bother? Because the mailing list server is likely not in any spam-blocking lists. This allows spammers to avoid whatever block lists they're on.

The exploit was seen in ezmlm mailing list managers, but there's no reason to think that other managers are immune.

Read more details at SecuriTeam Blog.


Post a Comment

<< Home