Re: mail storm

[@ (Igor Chudov @ home)]

Dan Stromberg wrote:
> This almost has to have been discussed before, but I don't recall seeing
> it anywhere.
>
> Imagine a hacker really doesn't like someone, and is willing to do
> something disruptive to a lot of other people to spite that one person.
> Or imagine that they just want to do something very disruptive.
>
> Imagine the hacker picks 2n mailing lists, subscribing the i'th to the
> (i+n)th and the (i+n)th to the i'th, subscribing that person they really
> don't like to the 0..n-1'th, and finally, forging one message to each of
> the 0..n-1'th.

Try subscribeing ALL lists to ALL lists (and subscribe every list to
itself). The reaction after time T will be (ideally)

                sum( t=0, t=T, N ** t)

messages (where t is time and N is the number of mailing lists).
It should be relatively easy to write a perl script that does it.

What is proves is that every mailing list should include a standard
header

X-Mailing-List: <submission@address>

to help other list manager programs identify the illegal submissions.

It also helps users who are list-bombed (ie, subscribed to hundreds of
unrelated mailing lists) to junk all unwanted messages.

        - éÇÏÒØ.