On 8/18/21 11:34 PM, Stephen J. Turnbull wrote:
Is anyone else seeing requests to their mailman install that look
something like this:
Aug 18 15:10:16 2021 (31166) Hostile listname:
listname=midrange-l__;!!NVq9dfhzMyHqTw!wLl-dt8zxsuQuoyojs-UYmT_d65WZroClHaYGfHduJ561eT0B7baTQV1ogZzQKRRsw$:
remote=52.34.76.65
What log is that from? I don't recognize the format.
mischief
> But I don't understand what you mean by "hostile
> listname" being "correct".
He means that "midrange-l" is the name of an active list at his site,
I'm pretty sure.
Exactly correct.
host(1) says the source or the request is AWS. :-/
None of this explains why the URL is targeting David's Mailman, unless
it's the Mailman host that is running the Proofpoint. (It's not your
job ;-), but any further hints would be appreciates.
These requests are coming from an external source. I'm not running
proofpoint.
Not much I can do about it, I guess. Good to know the source of the
requests though.
Not sure what proofpoint is trying to do. They are just getting errors.
Oh well.
Thanks for the info guys.
david
--
I'm riding in the American Diabetes Association's Tour de Cure to raise
money for diabetes research, education, advocacy, and awareness. You
can make a tax-deductible donation to my ride by visiting
https://mideml.diabetessucks.net.
You can see where my donations come from by visiting my interactive
donation map ... https://mideml.diabetessucks.net/map (it's a geeky thing).
------------------------------------------------------
Mailman-Users mailing list -- mailman-users@python.org
To unsubscribe send an email to mailman-users-le...@python.org
https://mail.python.org/mailman3/lists/mailman-users.python.org/
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: https://www.mail-archive.com/mailman-users@python.org/
https://mail.python.org/archives/list/mailman-users@python.org/
