|
PureBytes Links
Trading Reference Links
|
>> . . . and a nice little trojan that sends information
>> back to Pierre . . .
>
>I do not knwo how to build one.
>More I do not need it, because you subscribed yourself.
Pierre, you should be aware that you have left yourself open to a
severe vulnerability that could result in your provider terminating
your internet access.
The problem is that you seem to be running a mailing list that
doesn't confirm subscription requests. I can go to your web site
and add anybody's e-mail address to your list. As far as I can
tell, you don't close the loop; you don't send back a message asking
the recipient to confirm that the person who owns the address really
is the one who made the request.
The newsgroup news.admin.net-abuse.email has frequent stories about
how some miscreant, bent on being a nuisance, forges thousands of
people to open mailing lists such as yours. These miscreants are
often spammers who are angry that they've been kicked off their
ISP, and they have lists full of addresses, and automated scripts
to perform the forged subscriptions. As I said, this happens
frequently. Your mailing list may never be found, but you have left
yourself vulnerable.
The result is that the mailing list (i.e. you) sends out mail to
a bunch of people who never requested it, and they complain to
your internet provider, who shuts you down, ESPECIALLY after it's
been proven that you "spammed" everybody with suspicious .exe
attachments.
Please think about it. Your intentions are honorable, but honorable
intentions, combined with ignorance of the realities of the
internet, can get you in trouble. You can take the risk and
probably do OK, but consider if the risk is worth the potential
damage.
--
,|___ Alex Matulich -- alex@xxxxxxxxxxxxxx
// +__> Director of Research and Development
// \
//___) Unicorn Research Corporation -- http://unicorn.us.com
|