Rich Kulawiec wrote:
On Sat, Nov 29, 2008 at 05:30:30PM -0600, mathew wrote:
Spammers could bypass all my spam filtering right now, and probably that of
many other people, if they could reliably automatically guess what mailing
lists their victims are on. Has anyone seen any evidence that they are
capable of doing so?
Yes. I have spam-in-hand from multiple incidents. And it is of course
not necessary for them to guess, since they could (a) subscribe to those
lists and harvest part of the subscriber list (b) grab the archives of
[some] lists and harvest part of the subscriber list (c) go through the
"address books" and stored mail on any zombied system and note any mailing
list which any mail address in use on that system is subscribed to
(d) go through any zombie which happens to be a mailing list server (e) etc.
So why don't we see more of it? I suspect because it's not worth
their trouble -- yet.
It certainly is, if only by way of zombied machines.
The users here getting the highest volumes of spam (in one case > 16,000
/day in bursts) have only one thing in common.
Membership in lots of IETF related activities, especially mailing lists.
The second most common attribute is membership in IEEE lists.
_______________________________________________
Asrg mailing list
Asrg(_at_)irtf(_dot_)org
https://www.irtf.org/mailman/listinfo/asrg