The attachment was deleted, you can find it here: targets: https://www.dropbox.com/s/d6ddmgx3iljubot/boom-backscatter-targets.txt zip containing the attacker's page source: https://www.dropbox.com/s/tlofz5wg8l8w47a/boom-backscatter.zip
-- Fil On Thu, Nov 14, 2013 at 7:32 PM, Fil <f...@rezo.net> wrote: > Hello, > > I just noticed a lot of backscatter spam, my Mailman installation was > starting to send subscription verifications to a lot of > allc...@hotmail.com addresses, on a test list that no one is supposed to > be using. > > I traced it to this site : > > http://4478.a.hostable.me/vinabot/bommail/Boom.html > > if you view source you will see that it opens a lot of iframes on 284 > Mailman installations, and tries to auto-subscribe its victims email > adresses to different lists (392 in total). > > I have put the page HTML source as well as the list of targeted servers > and lists in the attached zip file. > > Do you know how to stop this efficiently? > > -- Fil > ------------------------------------------------------ Mailman-Users mailing list Mailman-Users@python.org https://mail.python.org/mailman/listinfo/mailman-users Mailman FAQ: http://wiki.list.org/x/AgA3 Security Policy: http://wiki.list.org/x/QIA9 Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/ Unsubscribe: https://mail.python.org/mailman/options/mailman-users/archive%40jab.org
