Discussion:
[Freeipa-users] List SPAM
Outback Dingo
2016-12-27 12:22:18 UTC
Permalink
Im still getting nude porn spam emails and pics from a user

Kimi Rachel <***@ryfen.com>
--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project
Martin Basti
2016-12-27 12:32:42 UTC
Permalink
Post by Outback Dingo
Im still getting nude porn spam emails and pics from a user
It is not a user, it is a SPAM bot mining public archives. We don't have
any control about it we can just un-publish archives (tested, spam
stopped after that) but they contain a lot of information for users.

JFTR the email is changing.
--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project
Prasun Gera
2017-04-23 10:10:14 UTC
Permalink
This still continues to be a problem. Was any solution identified for this
? Why are the emails not obfuscated on the public archives ?
Post by Martin Basti
Post by Outback Dingo
Im still getting nude porn spam emails and pics from a user
It is not a user, it is a SPAM bot mining public archives. We don't have
any control about it we can just un-publish archives (tested, spam stopped
after that) but they contain a lot of information for users.
JFTR the email is changing.
--
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project
Dewangga Bachrul Alam
2017-04-23 11:20:07 UTC
Permalink
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Mark as spam, and they gone from my inbox. :)
Post by Prasun Gera
This still continues to be a problem. Was any solution identified
for this ? Why are the emails not obfuscated on the public archives
?
Im still getting nude porn spam emails and pics from a user
It is not a user, it is a SPAM bot mining public archives. We
don't have any control about it we can just un-publish archives
(tested, spam stopped after that) but they contain a lot of
information for users.
JFTR the email is changing.
https://www.redhat.com/mailman/listinfo/freeipa-users
<https://www.redhat.com/mailman/listinfo/freeipa-users> Go to
http://freeipa.org for more info on the project
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQI4BAEBCAAiBQJY/I3kGxxkZXdhbmdnYWJhQHh0cmVtZW5pdHJvLm9yZwAKCRDl
f9IgoCjNcLLgEAChyD/U8wlcTlwjiWgcbyLOcwrFsfvJ1HKUKPi4+fh3VDtX1iQF
XwSyxeMch+obLEraKXI01+rpk6cgxg2xWnhxcUOobsVPzFoQVFnYU9+Ngxpgajx9
XRigMU4lxwBf33IO3DOM7iUGdw4DfRaVZ5H3UUv/6JaQmxwyL6rmxVjcbhMFBcnG
p6Mw+xzsWlIgmf5Kz8e/Eu3pxZXgrxOddtI5z9e7ApZiRavtdi5SuNIEHPsVNC0j
6P2eNA/zK3E3IpfknWB2wCoR2+gB/1fYzP71iz55exy3Sefnv0CLpjnhRoPsuzVm
iiFeBF64KOYWmK0Uw3ftfNEw67bHPcvlnba4Ftj2PsTkwupH9/RpccQ0t9yOl+gi
fdmY7s91MdODNXiKR5GG/bT5JPyBE5VtkufZIqJDLliqn1kVkCLqSgOLZyQflhI6
2pZLHufBMiMGKgdEfSx1DdqmPILLqlIhr+kqAn0qtyIDlz1jV5cic9issi4Z/aWi
MVECMBkPu5kNnANVKBz2YjbL8LD/Dr15R2WZVH7drzAc4Byo88DRpwESSqS0W4hX
ai1nVTxyD8CdW8Ab63rLwmvF8li39V1Xse2hiinntaYa/Ap6/WFNOR7Qyon5yxnG
/AFpAgtWgH0rjnNMNnYZO3Ck7hpSgdCCgqOTOKc+3FHqqcg+K7uckqdswg==
=G2rj
-----END PGP SIGNATURE-----
--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project
Prasun Gera
2017-04-24 02:24:25 UTC
Permalink
That doesn't work very well. The spam bots use different emails. And gmail
marks the entire message thread as spam, not just the spam reply.

On Sun, Apr 23, 2017 at 7:20 AM, Dewangga Bachrul Alam <
Post by Dewangga Bachrul Alam
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Mark as spam, and they gone from my inbox. :)
Post by Prasun Gera
This still continues to be a problem. Was any solution identified
for this ? Why are the emails not obfuscated on the public archives
?
Im still getting nude porn spam emails and pics from a user
It is not a user, it is a SPAM bot mining public archives. We
don't have any control about it we can just un-publish archives
(tested, spam stopped after that) but they contain a lot of
information for users.
JFTR the email is changing.
https://www.redhat.com/mailman/listinfo/freeipa-users
<https://www.redhat.com/mailman/listinfo/freeipa-users> Go to
http://freeipa.org for more info on the project
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iQI4BAEBCAAiBQJY/I3kGxxkZXdhbmdnYWJhQHh0cmVtZW5pdHJvLm9yZwAKCRDl
f9IgoCjNcLLgEAChyD/U8wlcTlwjiWgcbyLOcwrFsfvJ1HKUKPi4+fh3VDtX1iQF
XwSyxeMch+obLEraKXI01+rpk6cgxg2xWnhxcUOobsVPzFoQVFnYU9+Ngxpgajx9
XRigMU4lxwBf33IO3DOM7iUGdw4DfRaVZ5H3UUv/6JaQmxwyL6rmxVjcbhMFBcnG
p6Mw+xzsWlIgmf5Kz8e/Eu3pxZXgrxOddtI5z9e7ApZiRavtdi5SuNIEHPsVNC0j
6P2eNA/zK3E3IpfknWB2wCoR2+gB/1fYzP71iz55exy3Sefnv0CLpjnhRoPsuzVm
iiFeBF64KOYWmK0Uw3ftfNEw67bHPcvlnba4Ftj2PsTkwupH9/RpccQ0t9yOl+gi
fdmY7s91MdODNXiKR5GG/bT5JPyBE5VtkufZIqJDLliqn1kVkCLqSgOLZyQflhI6
2pZLHufBMiMGKgdEfSx1DdqmPILLqlIhr+kqAn0qtyIDlz1jV5cic9issi4Z/aWi
MVECMBkPu5kNnANVKBz2YjbL8LD/Dr15R2WZVH7drzAc4Byo88DRpwESSqS0W4hX
ai1nVTxyD8CdW8Ab63rLwmvF8li39V1Xse2hiinntaYa/Ap6/WFNOR7Qyon5yxnG
/AFpAgtWgH0rjnNMNnYZO3Ck7hpSgdCCgqOTOKc+3FHqqcg+K7uckqdswg==
=G2rj
-----END PGP SIGNATURE-----
--
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project
Lachlan Musicman
2017-04-28 03:10:20 UTC
Permalink
Post by Prasun Gera
That doesn't work very well. The spam bots use different emails. And gmail
marks the entire message thread as spam, not just the spam reply.
On Sun, Apr 23, 2017 at 7:20 AM, Dewangga Bachrul Alam <
Post by Dewangga Bachrul Alam
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Mark as spam, and they gone from my inbox. :)
If you are using gmail:

- block the email address
- mark the message as spam (not the thread)
- you can then delete the message in question


Note that this can still cause issues wrt workplace and SFW images, as
Gmail automatically "previews" images.

I leave them to deal with at home and have reported the problem to my
manager and IT team so they know it's not my fault - as both acknowledge
and understand that this forum has been very valuable to us wrt getting
things working.

L.



------
The most dangerous phrase in the language is, "We've always done it this
way."

- Grace Hopper
Prasun Gera
2017-04-28 12:01:12 UTC
Permalink
Yes, I am aware of the workarounds, and went through the exact same steps
that you mentioned several times. This is clearly not a solution. Can
someone from the team comment on why email addresses are published in the
first place ? I do not see any advantages and plenty of disadvantages. Spam
notwithstanding, I am not a big fan of the email being published at all.
Post by Lachlan Musicman
Post by Prasun Gera
That doesn't work very well. The spam bots use different emails. And
gmail marks the entire message thread as spam, not just the spam reply.
On Sun, Apr 23, 2017 at 7:20 AM, Dewangga Bachrul Alam <
Post by Dewangga Bachrul Alam
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Mark as spam, and they gone from my inbox. :)
- block the email address
- mark the message as spam (not the thread)
- you can then delete the message in question
Note that this can still cause issues wrt workplace and SFW images, as
Gmail automatically "previews" images.
I leave them to deal with at home and have reported the problem to my
manager and IT team so they know it's not my fault - as both acknowledge
and understand that this forum has been very valuable to us wrt getting
things working.
L.
------
The most dangerous phrase in the language is, "We've always done it this
way."
- Grace Hopper
--
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project
Peter Fern
2017-05-01 12:08:31 UTC
Permalink
Post by Martin Basti
Post by Outback Dingo
Im still getting nude porn spam emails and pics from a user
It is not a user, it is a SPAM bot mining public archives. We don't
have any control about it we can just un-publish archives (tested,
spam stopped after that) but they contain a lot of information for users.
It's pretty bad - I got a dozen spam messages in response to a reply to
the list today, and zero legitimate replies. If these are really being
scraped from the archives, can we please scrub email addresses entirely
from the archive?
--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project
Peter Fern
2017-05-01 12:15:31 UTC
Permalink
Post by Peter Fern
Post by Martin Basti
It is not a user, it is a SPAM bot mining public archives. We don't
have any control about it we can just un-publish archives (tested,
spam stopped after that) but they contain a lot of information for users.
It's pretty bad - I got a dozen spam messages in response to a reply to
the list today, and zero legitimate replies. If these are really being
scraped from the archives, can we please scrub email addresses entirely
from the archive?
In fact, based on the rapidity of the spam replies, I was a little
suspicious of the suggestion that they're being harvested from the
public archives. Checking the message headers reveals that these
replies are actually being generated directly from the mailing list,
since they contain a valid In-Reply-To Message-Id.

So, these are actually being generated by a subscriber on the list.
--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project
Peter Fern
2017-05-01 12:25:34 UTC
Permalink
Post by Peter Fern
Post by Peter Fern
Post by Martin Basti
It is not a user, it is a SPAM bot mining public archives. We don't
have any control about it we can just un-publish archives (tested,
spam stopped after that) but they contain a lot of information for users.
It's pretty bad - I got a dozen spam messages in response to a reply to
the list today, and zero legitimate replies. If these are really being
scraped from the archives, can we please scrub email addresses entirely
from the archive?
In fact, based on the rapidity of the spam replies, I was a little
suspicious of the suggestion that they're being harvested from the
public archives. Checking the message headers reveals that these
replies are actually being generated directly from the mailing list,
since they contain a valid In-Reply-To Message-Id.
So, these are actually being generated by a subscriber on the list.
Aaaand... a final note on the topic, my presumption here may be
unfounded - looks like the mail archive includes email headers as HTML
comments, so it's tough to conclude anything... still, they'd have to be
hammering the archive site to scrape and post emails with the speed they
arrive - it takes about the same time to receive a spam reply as it does
for my mail to appear on the list.
--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project
Alexander Bokovoy
2017-05-01 15:04:11 UTC
Permalink
Post by Peter Fern
Post by Peter Fern
Post by Peter Fern
Post by Martin Basti
It is not a user, it is a SPAM bot mining public archives. We don't
have any control about it we can just un-publish archives (tested,
spam stopped after that) but they contain a lot of information for users.
It's pretty bad - I got a dozen spam messages in response to a reply to
the list today, and zero legitimate replies. If these are really being
scraped from the archives, can we please scrub email addresses entirely
from the archive?
In fact, based on the rapidity of the spam replies, I was a little
suspicious of the suggestion that they're being harvested from the
public archives. Checking the message headers reveals that these
replies are actually being generated directly from the mailing list,
since they contain a valid In-Reply-To Message-Id.
So, these are actually being generated by a subscriber on the list.
Aaaand... a final note on the topic, my presumption here may be
unfounded - looks like the mail archive includes email headers as HTML
comments, so it's tough to conclude anything... still, they'd have to be
hammering the archive site to scrape and post emails with the speed they
arrive - it takes about the same time to receive a spam reply as it does
for my mail to appear on the list.
Unfortunately, we do not control list archives on that granularity to
mangle headers/emails. We can either close the archives down with a
password or move list archives to Fedora project. In the latter we have
more featured and updated mailing list software.
--
/ Alexander Bokovoy
--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project
Continue reading on narkive:
Loading...