Great Circle Associates Majordomo-Users
(January 1999)

Subject: list security
From: Erik McCormick <Erik . McCormick @ OneSoft . com>
Date: Wed, 13 Jan 1999 14:07:03 -0500
To: "'majordomo-users @ greatcircle . com'" <majordomo-users @ greatcircle . com>

Hey folks,

This morning I had an incident with one of my customer's announcement
lists, where one of the list subscribers took it upon himself to try
posting to a closed list.  It's set up both with a password and a list
of authorized senders.

I personally feel like a schmuck for not thinking to test this in the
first place, but what he did was simply send to the -outgoing alias of
the list instead of the main list alias.  That alias points to a
redirect to the TLB bulk mailer and works just fine on its own and thus
bypasses all of the Majordomo security options.

The following is a sample set of aliases for one of our lists:

owner-special:info@list.domain.com
special-owner:owner-special
special-approval:info@list.domain.com
special-outgoing:"|/usr/local/majordomo/tlb -l special /usr/local/majordomo/mj.tlb"
special:"|/usr/local/majordomo/wrapper resend -l special special-outgoing"

Though the message From and Reply-To fields are set to a specific
address, the -outgoing alias still shows up under Sender in the header
such that if a recipient is smart enough to scan the detailed header he
can easily figure out what the -outgoing alias is and send a message to
that.  This particular individual wasn't that bright, but he started
hitting my mail server with vrfy commands until he eventually came
across the alias name and then sent his message.

I'm hoping to avoid some sort of hokey firewall implementation with two
servers as a fix for this.  Can anyone think of a smarter implementation
just using majordomo and TLB that would prevent this kind of thing from
happening again?


-Erik

--------------------------------------------
Erik McCormick
Onesoft Internet Operations Center Services
Email: emccormick@onesoft.com
Phone: 703-916-7448
--------------------------------------------
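An added audit script, written for this archive page and not part of the original post or of Majordomo/TLB: it parses a sendmail-style aliases file (continuation lines included) and reports every alias whose mail is piped straight into the bulk mailer rather than through "wrapper resend", which is exactly how the -outgoing alias above becomes postable by anyone who learns its name. The sample aliases are constructed after the ones quoted in the post, and the set of "bulk mailer" program names is an assumption.

```python
import os
import shlex

# Constructed sample, modelled on the alias set quoted in the post; the tlb
# line is wrapped onto a continuation line, as aliases(5) allows.
SAMPLE_ALIASES = """\
owner-special: info@list.domain.com
special-owner: owner-special
special-approval: info@list.domain.com
special-outgoing: "|/usr/local/majordomo/tlb -l special
        /usr/local/majordomo/mj.tlb"
special: "|/usr/local/majordomo/wrapper resend -l special special-outgoing"
"""

# Assumption: programs with these basenames deliver to the whole list with
# no sender or password checks of their own (TLB is the bulk mailer here).
BULK_MAILERS = {"tlb"}


def parse_aliases(text):
    """Parse aliases(5) text into {name: target} (folds continuation lines)."""
    logical = []
    for raw in text.splitlines():
        if not raw.strip() or raw.lstrip().startswith("#"):
            continue
        if raw[0].isspace() and logical:
            logical[-1] += " " + raw.strip()   # fold continuation line
        else:
            logical.append(raw.rstrip())
    aliases = {}
    for line in logical:
        name, sep, target = line.partition(":")
        if sep:
            aliases[name.strip().lower()] = target.strip()
    return aliases

def pipe_argv(target):
    """argv for a '|program args' target, or None for a plain address."""
    unquoted = target.strip().strip('"')
    return shlex.split(unquoted[1:]) if unquoted.startswith("|") else None

def find_exposed_aliases(aliases):
    """(alias, program) pairs whose mail is piped straight into a bulk mailer,
    so the checks 'wrapper resend' applies on the main alias never run."""
    exposed = []
    for name, target in sorted(aliases.items()):
        argv = pipe_argv(target)
        if argv and os.path.basename(argv[0]) in BULK_MAILERS:
            exposed.append((name, argv[0]))
    return exposed
```

Run it over the real aliases file to list the directly deliverable bulk-mailer aliases; "special-outgoing" is the only hit for the sample above.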

