A mailing list is a community of e-mail addresses that can
be reached by sending a single message to one address, known
as the list address. E-mail sent to the automated mailing
list is redistributed to all subscribers to the list [8].
Automated list servers like Majordomo or ListProcessor provide many
opportunities for the e-mail bomber to exploit the SMTP infrastructure.

Figure 5: Abuse of Mail Exploders

This attack scenario can be combined with other bombing techniques
or executed stand-alone. In a nutshell, the bomber subscribes
the victim, H_victim, to numerous mailing lists. Currently,
most mailing lists do not authenticate the subscriber, and the list
servers that do authenticate use weak authentication mechanisms
that may be easily subverted.
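
An added example (not from the paper, and not Majordomo or ListProcessor code) contrasting the unauthenticated subscribe path described above with a subscription that must be confirmed from the subscribed mailbox. The `ListServer` class, its method names and the HMAC token format are assumptions made for illustration.

```python
import hashlib
import hmac
import time


class ListServer:
    """Toy in-memory list server (constructed for illustration)."""

    def __init__(self, list_name, secret, ttl=86400):
        self.list_name, self.secret, self.ttl = list_name, secret, ttl
        self.subscribers = set()
        self.outbox = []  # (recipient, body) pairs that would be handed to SMTP

    def subscribe_unauthenticated(self, address):
        # Weak behaviour: the address named in the request is trusted as-is,
        # so a single forged request is enough to subscribe the victim.
        self.subscribers.add(address.lower())

    def _token(self, address, expires):
        # Token binds list, address and expiry under a server-only secret.
        msg = f"{self.list_name}|{address.lower()}|{expires}".encode()
        mac = hmac.new(self.secret, msg, hashlib.sha256).hexdigest()
        return f"{expires}.{mac}"

    def request_subscription(self, address, now=None):
        # Nothing is subscribed yet; one confirmation goes to the address.
        expires = int(time.time() if now is None else now) + self.ttl
        token = self._token(address, expires)
        self.outbox.append((address, f"confirm {self.list_name} {token}"))
        return token

    def confirm(self, address, token, now=None):
        # Only the mailbox owner receives the token, so returning it shows
        # that the owner of the address agreed to the subscription.
        now = int(time.time() if now is None else now)
        try:
            expires = int(token.split(".", 1)[0])
        except ValueError:
            return False
        if expires < now:
            return False  # stale confirmation
        expected = self._token(address, expires)
        if not hmac.compare_digest(token.encode(), expected.encode()):
            return False  # forged token, or token issued for another address
        self.subscribers.add(address.lower())
        return True
```

A forged request still causes one confirmation message per list to reach the victim, so a server using this check should also limit confirmation requests per address.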
Herfert [9] discusses security-enhanced mailing list exploders as
a way to provide strong authentication to posters on mailing lists.
However, these cryptographic techniques are difficult to implement
on a global scale, primarily because of the challenges associated
with key management. In addition, the processing overhead
of encrypting data for thousands of e-mail messages must
be considered.
The topic of cryptography, relative to e-mail authentication,
is briefly summarized in section IV.