On 06/01/2010 12:59 AM, Murray S. Kucherawy wrote: >> I've seen spam posted to mailing lists. Recently, I've seen lists >> targetted >> in more intelligent ways by spammers. For example, by using sender >> addresses in the domain of the list (quite a useful way of attacking >> academic lists, which tend to have lots of local users, but some non- >> local). > > Though I've not witnessed this myself, I think it stands to become a more > common attack vector if it is found to be even marginally successful, because > it's free to try.
I see list spam all the time on the android-developer list. Some of it seems to be more targeted, some of it doesn't. I assume that googlegroups spam filters its incoming mail just like anything else that's directly connected to the sewer, so what I'm seeing is the remaining false negatives. So the notion that lists are somehow immune is quaint and outdated. If there's a big enough audience, or it targets something that spammers want, they'll apparently go to the effort of either subscribing or spoofing or whatever to get their turds through. Long and short: the link between originator and list is important and probably will become more important for large lists as software automation lowers the barriers. Email harvesting is probably by far the easiest thing because your legit email address is sitting in the public archives. Using DKIM to predict likely spoofs would be a good thing, especially since there's an ongoing relationship between subscriber and list. Mike _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html
