[3129] in bugtraq
Re: mail storm
daemon@ATHENA.MIT.EDU (Roy Leonard)
Tue Aug 13 11:18:03 1996
Date: Tue, 13 Aug 1996 09:24:18 +0100
Reply-To: Bugtraq List <BUGTRAQ@netspace.org>
From: Roy Leonard <rleonard@ferrotec.ie>
To: Multiple recipients of list BUGTRAQ <BUGTRAQ@netspace.org>
I remember seeing references to this on the Net-abuse newsgroup ( I think
It's in the FAQ). This method has been used by users who have been
"spammed", to exact revenge on the "spammers". Usually the mail load gets
so high, that the spammer is simply disusered, leaving a large disaster area
in his wake, which the Sys-Op is left with. BTW, I don't agree with this
kind of revenge!
If the hacker subsribes mailing list to mailing list, etc...., the mailing
list software may well be capable of stopping this. But surely it would be
easier for the hacker to subscribe his enemy to N mailing lists? Is there
any solution to this? Or do you simply hope that your users are friends
with everyone else!
Roy
...
>
>Imagine the hacker picks 2n mailing lists, subscribing the i'th to the
>(i+n)th and the (i+n)th to the i'th, subscribing that person they really
>don't like to the 0..n-1'th, and finally, forging one message to each of
>the 0..n-1'th.
>
>Some (all? Doesn't seem likely from here) mailing list software would
>probably figure it out, but enough of them wouldn't that I suspect
>there'd be a nasty "e-mail storm" - an exponential growth of e-mail,
>analogous to the growth seen in a "broadcast storm".
>
-==-
Roy Leonard + Tel: +353-1-295-2529
Firmware Development Engineer + Fax: +353-1-295-3625
rleonard@ferrotec.ie
"Never attribute to malice that which can be adequately explained by stupidity"
-==-
