[Outages-discussion] [outages] not quite an outage, more a hack, "Urgent: Threat actor in systems" emails from FBI infrastructure
Jay R. Ashworth
jra at baylink.com
Sat Nov 13 12:45:19 EST 2021
----- Original Message -----
> From: "Grant Taylor" <gtaylor at tnetconsulting.net>
> I'm re-routing my reply to outages-discussion instead of the original
> outages mailing list. -- I'm CCing John in case he doesn't subscribe
> to outages-discussion.
>
> On 11/13/21 9:56 AM, John Sage via Outages wrote:
>> Is anyone besides me now receiving three (or here four) identical posts
>> to the list with identical time stamps?
>
> Yes.
>
> I received five copies of the message. All of the messages had the same
> Message-ID.
>
> Tracing the Received: headers, it seems like the message was a duplicate
> all the way up to mx00.postal00.hostinfr.com. I see the first new
> (E)SMTP(S) id at puck.nether.net.
>
> So, it seems to me like the duplication happened between ...hostinfr.com
> and ...nether.net.
>
> I've not implemented a duplicate message ID filter for the Outages
> mailing list. But perhaps I should.
procmail has that built in, I think, and I'd thought Mailman did as well,
but perhaps I'm mistaken.
Such a filter would, of course, have to go on the input side of ... well,
maybe it wouldn't. I've never actually given any thought to how Mailman
handles Message-ID. I expect Jared will know off-hand, though.
Cheers,
-- jra
--
Jay R. Ashworth Baylink jra at baylink.com
Designer The Things I Think RFC 2100
Ashworth & Associates http://www.bcp38.info 2000 Land Rover DII
St Petersburg FL USA BCP38: Ask For It By Name! +1 727 647 1274
More information about the Outages-discussion
mailing list