[sf-lug] Bot-generated nonsense
rick at linuxmafia.com
Thu Dec 29 18:10:12 PST 2022
----- Forwarded message from Rick Moen <rick at linuxmafia.com> -----
Date: Thu, 29 Dec 2022 18:09:20 -0800
From: Rick Moen <rick at linuxmafia.com>
To: Bobbie Sellers <bliss-sf4ever at dslextreme.com>
Subject: Re: No request for password on linuxmafia.com
Organization: If you lived here, you'd be $HOME already.
Quoting Bobbie Sellers (bliss-sf4ever at dslextreme.com):
> I got a big stack of emails over about a 5 minute period.
> Two topics seemed to predominate, One was seeking confirmation for
> an unsubscribe and Two was seeking a password to change my account.
> I do not need a password and I do not want to unsubscribe.
> I assume this is a automatic reaction by the software.
I have no idea what that is, but it's highly _highly_ likely some bot
out there, at some random location on the Internet, is trying to probe
linuxmafia.com's GNU Mailman to find security weakneses. Which is to
say, the bot is guessing who _might_ be subscribed to linuxmafia.com
mailing lists, and attempting to abuse the admin WebUI to send
"unsubscribe me" and "change my subscription password" commands
purporting to be from your address.
linuxmafia.com's GNU Mailman then dutifully attempts to vet those
attempts for authenticity by checking them with the purported submitter,
in this case you. And thus, here we are.
If you can forward one of those with _full SMTP headers_,
I might be able to say more. (If you are not sure you
know what "full SMTP headers" means and how to achieve that, then that
means you don't know how.)
I cannot really analyse the situation further without such a copy.
Judging by the fact that you sent this mail to
"test-owner at linuxmafia.com", I gather that the bot was trying to unsub
you from mailing list test at linuxmafia.com, and/or change your
subscription password. Which is of course inane because you're not even
on that mailing list -- but these bots tend to try a lot of crazy
things, hoping something will hit.
----- End forwarded message -----
More information about the sf-lug