Steven Noels <[EMAIL PROTECTED]> writes: <snip/>
> How can we defend ourselves from bots spamming the lists using
> subscribed or allowed addresses...? Or do we need to actively
> monitor/clean up stale entries in the allow list?

The same format of message also hit xml-dev this morning. Again, bounced through the list.

Don't think you can really defend against. Nothing says that they just won't use forged headers of a regular user. You could try and verify that the mail server corresponds to the sender domain but for people on the road that likely ain't going to cut it. Quarantining all attachments (and forcing explicit download) might be workable?

I guess I'm going to have to stop using my regular e-mail address for this kind of thing and start maintaining yet another mail box (5 so far). So far our virus checkers have caught all this stuff but sooner or later someone's going to find a hole that doesn't rely on social engineering and doesn't get caught by the filters...
