How did somebody subscribe to List "0"

[listmailpro]

I just backed up my ListMail subscriber database, and I noticed two email addresses @mydomain.com - it caught my eye because, except for my wife and parents, I don't issue email addresses to others. The other REALLY strange thing is, they were subscribed for List "0" - I have never had even a web robot accidentally sign up for list "0" - any ideas? Should I be concerned?

As a sep. note, I did get an administrator alert a month back regarding a filed login attempt, but I changed my password to something longer right away, just as a precaution, and there doesn't appear to be any settings changes anywhere, so I'm sure it's nothing, just wanted to mention that too.

[DW]

I got your email with the same message.  Thanks for posting this to the forum!

What you are reporting is concerning and I would love to be able to explain it.  Unfortunately, I can't - yet.  From what you say I take it the email addresses subscribed were not legitimate addresses and might have been generated by a web robot or hacker.

It is possible for a hacker to change the List # subscribed to with a simple HTML form that submits to your signup.php, however, this should not let the user subscribe - I get a series of errors when I try it.  Do you have another script interfacing with the ListMail database, perhaps?  Are you using a custom script such as the "User Profile" script available in the Customizations forum, or your own script?

Regards

[listmailpro]

Dean, thanks for the speedy reply!

I do use LMPro for 7 or 8 separate mailing lists, as I have several different "levels" of subscription for my web site, and I set up a couple small lists to make sending baby photos to family and co-workers that much easier. There is only one web site however that has a signup form anywhere online (to my knowledge anyway) and no I am not using any other scripts / programs / modified forms to interact with LMPro.

The only (six) locations on my web site (and the internet for that matter, and again, to my knowledge) where the signup form even exists are as follows: (and if I'm not mistaken, they all use the exact same set of code)

http://funehumor.com/<index.htm>
http://funehumor.com/index.html
These are both home landing pages

http://funehumor.com/updates.shtml
This page is a hard-coded 'link' from every single page on my site, to drive people to a description of my 'levels' of lists

http://www.funehumor.com/right.htm
http://www.funehumor.com/right_cj_ads.htm
http://www.funehumor.com/right_google_ads.htm
One of these three "pages" gets included as an SSI on every single page throughout my site other than the 'landing pages'

[listmailpro]

You also asked about the email addresses in question. They were both email addresses using my domain @funehumor.com - one was signed up on 11/16/05, the one I noticed first was on 11/18/05 (coincidentally, my birthday) - both addresses included a 'dictionary' word (6 or 7 letters) followed by 4 numeric digits. That does not MEAN it was an automated process, but that's what I thought of first. Could just be a person trying something twice in 2 days...

As much as I like to think it is sometimes, my site is not large or all that popular (yet) compared to others and I'm wondering if I'm the only one being 'targeted' or if other LMPro users have seen this behavior - either way, it seems like a very recent issue that you'll want to look into more, so keep me updated please.