[Full-Disclosure] denial of service on ISN list

["lsi" <stuart@xxxxxxxxxxxxxx>]

I can't subscribe to ISN because their mail server thinks my mail 
server is a spammer.  I can report that Pipex are one of the largest 
ISPs in the UK, and that this server might be used by hundreds of 
thousands of people.

I put it to ISN that your system allows people to be kicked off the 
list.  All I need to do is fake some spam from my enemy's SMTP to the 
list, and you block the entire server.  When another of Pipex' 
100,000 subscribers attempts to join, they are blocked too.  Not 
good.

Stu

On 8 Jul 2004 at 1:59, Mail Delivery System wrote:

Date sent:              Thu,  8 Jul 2004 01:59:26 +0100 (BST)
From:                   MAILER-DAEMON@xxxxxxxxxxxxxxxxxxxxxxx (Mail Delivery 
System)
Subject:                Undelivered Mail Returned to Sender
To:                     stuart@xxxxxxxxxxxxxx

> This is the Postfix program at host pengo.systems.pipex.net.
> 
> I'm sorry to have to inform you that the message returned
> below could not be delivered to one or more destinations.
> 
> For further assistance, please send mail to <postmaster>
> 
> If you do so, please include this problem report. You can
> delete your own text from the message returned below.
> 
>                       The Postfix program
> 
> <isn-request@xxxxxxxxxxxxx>: host forced.attrition.org[66.80.146.7] said: 553
>     5.3.0 - 780 spammer or relay pengo.systems.pipex.net ESMTP Postfix (in
>     reply to MAIL FROM command)
> 



---
Stuart Udall
stuart at@xxxxxxxxxxxxxx net - http://www.cyberdelix.net/

--- 
 * Origin: lsi: revolution through evolution (192.168.0.2)

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html