<div dir="ltr"><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Thu, Dec 29, 2022 at 6:11 PM Rick Moen <<a href="mailto:rick@linuxmafia.com">rick@linuxmafia.com</a>> wrote:</div><div dir="ltr" class="gmail_attr"><br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div>
----- Forwarded message from Rick Moen <<a href="mailto:rick@linuxmafia.com" target="_blank">rick@linuxmafia.com</a>> -----<br>
<br>
Date: Thu, 29 Dec 2022 18:09:20 -0800<br>
From: Rick Moen <<a href="mailto:rick@linuxmafia.com" target="_blank">rick@linuxmafia.com</a>><br>
To: Bobbie Sellers <<a href="mailto:bliss-sf4ever@dslextreme.com" target="_blank">bliss-sf4ever@dslextreme.com</a>><br>
Subject: Re: No request for password on <a href="http://linuxmafia.com" rel="noreferrer" target="_blank">linuxmafia.com</a><br>
Organization: If you lived here, you'd be $HOME already.<br>
<br>
Quoting Bobbie Sellers (<a href="mailto:bliss-sf4ever@dslextreme.com" target="_blank">bliss-sf4ever@dslextreme.com</a>):<br>
<br>
> I got a big stack of emails over about a 5 minute period.<br>
> <br>
> Two topics seemed to predominate, One was seeking confirmation for<br>
> an unsubscribe and Two was seeking a password to change my account.<br>
> <br>
> I do not need a password and I do not want to unsubscribe.<br>
> <br>
> I assume this is a automatic reaction by the software.<br>
<br>
I have no idea what that is, but it's highly _highly_ likely some bot<br>
out there, at some random location on the Internet, is trying to probe<br>
<a href="http://linuxmafia.com" rel="noreferrer" target="_blank">linuxmafia.com</a>'s GNU Mailman to find security weakneses. Which is to <br>
say, the bot is guessing who _might_ be subscribed to <a href="http://linuxmafia.com" rel="noreferrer" target="_blank">linuxmafia.com</a><br>
mailing lists, and attempting to abuse the admin WebUI to send <br>
"unsubscribe me" and "change my subscription password" commands <br>
purporting to be from your address.<br>
<br>
<a href="http://linuxmafia.com" rel="noreferrer" target="_blank">linuxmafia.com</a>'s GNU Mailman then dutifully attempts to vet those <br>
attempts for authenticity by checking them with the purported submitter,<br>
in this case you. And thus, here we are.<br>
<br>
If you can forward one of those with _full SMTP headers_, <br>
I might be able to say more. (If you are not sure you <br>
know what "full SMTP headers" means and how to achieve that, then that<br>
means you don't know how.)<br>
</div></blockquote><div><br></div><div>I'm not sure what "full SMTP header" means myself, but I'm going to guess</div><div>you are referring to the relay points any email takes in its journey from the <br></div><div>originator to its end point. I'm also going to guess that since the originator</div><div>email addy can be munged, that any relay point can also be munged. And if</div><div>I'm wrong about any of this, all I can say is "not the first time I've been wrong about</div><div>something, nor will it be the last." As that old gas station commercial used</div><div>to say, "your mileage may vary." :p<br></div><div><br></div><div>Happy New Year all,</div><div>-th<br>
</div></div></div>