Newsgroups: php.internals
Path: news.php.net
Xref: news.php.net php.internals:11826
Return-Path: <paul@rusko.us>
Mailing-List: contact internals-help@lists.php.net; run by ezmlm
Delivered-To: mailing list internals@lists.php.net
Received: (qmail 54686 invoked by uid 1010); 2 Aug 2004 14:20:24 -0000
Delivered-To: ezmlm-scan-internals@lists.php.net
Delivered-To: ezmlm-internals@lists.php.net
Received: (qmail 54606 invoked from network); 2 Aug 2004 14:20:24 -0000
Received: from unknown (HELO utopia.rusko.us) (207.44.144.89)
  by pb1.pair.com with SMTP; 2 Aug 2004 14:20:24 -0000
Received: from rusko (ool-44c0a1af.dyn.optonline.net [68.192.161.175])
	by utopia.rusko.us (Sendmail) with SMTP id 739E9BBBAB
	for <internals@lists.php.net>; Mon,  2 Aug 2004 10:41:15 -0400 (EDT)
Message-ID: <01cc01c4789b$3ca2c220$0200a8c0@rusko>
To: <internals@lists.php.net>
References: <00c101c4783e$53f86630$0200a8c0@rusko> <410DF8E8.904@hristov.com> <010d01c47859$e5138260$0200a8c0@rusko> <1091454782.410e473e04e2c@hristov.com>
Date: Mon, 2 Aug 2004 10:15:59 -0400
MIME-Version: 1.0
Content-Type: text/plain;
	charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2800.1409
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1409
Subject: Re: [PHP-DEV] list abuse
From: paul@rusko.us ("Paul G")


----- Original Message ----- 
From: "Andrey Hristov" <php@hristov.com>
To: "Paul G" <paul@rusko.us>
Cc: <internals@lists.php.net>
Sent: Monday, August 02, 2004 9:53 AM
Subject: Re: [PHP-DEV] list abuse


--- snip ---

> Sure it does it intentionally. I have used to check the site without the
> provided link and it looked
> like some pr0n site.
>
> Here is the source of the last message. Usually they "come" from addresses
like
> andi@zend.com,
> zeev@zend.com even  paul@rusko.us :)

this is really simple, as i've stated in a previous mail. script parses
message, takes the address listed first in the 'to' and uses it as 'from'
for the confirmation mail. this works perfectly fine when it's a mail from
person A to cluetard B, but delivers funky results (which we are seeing)
when used on an account that receives mailing list traffic. this is
understandable, since the author obviously never intended for it to be used
that way.

nekkidness or no nekkidness doesn't make a difference in this case (the
website seems to be a service for adult gallery webmasters) - if they wanted
to harvest e-mail addresses, they could just harvest from the archives. this
is clearly a case of misconfiguration (ie confirmation script enabled on an
account receiving maillist traffic).

regardless, it would be nice to get rid of it. can someone on the admin side
send an ID'ed test to subscribers to see where this is coming from (or is
this considered a minor nuisance not worth bothering with)?

paul