From owner-freebsd-bugs Sun Oct 27 23: 0: 6 2002 Delivered-To: freebsd-bugs@hub.freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 2A9D437B401 for ; Sun, 27 Oct 2002 23:00:05 -0800 (PST) Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21]) by mx1.FreeBSD.org (Postfix) with ESMTP id 3505643E77 for ; Sun, 27 Oct 2002 23:00:04 -0800 (PST) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (gnats@localhost [127.0.0.1]) by freefall.freebsd.org (8.12.6/8.12.6) with ESMTP id g9S704x3079923 for ; Sun, 27 Oct 2002 23:00:04 -0800 (PST) (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.12.6/8.12.6/Submit) id g9S704bd079922; Sun, 27 Oct 2002 23:00:04 -0800 (PST) Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 2036A37B401 for ; Sun, 27 Oct 2002 22:53:03 -0800 (PST) Received: from www.freebsd.org (www.freebsd.org [216.136.204.117]) by mx1.FreeBSD.org (Postfix) with ESMTP id D2D7043E75 for ; Sun, 27 Oct 2002 22:53:02 -0800 (PST) (envelope-from nobody@FreeBSD.org) Received: from www.freebsd.org (localhost [127.0.0.1]) by www.freebsd.org (8.12.6/8.12.6) with ESMTP id g9S6r27R013448 for ; Sun, 27 Oct 2002 22:53:02 -0800 (PST) (envelope-from nobody@www.freebsd.org) Received: (from nobody@localhost) by www.freebsd.org (8.12.6/8.12.6/Submit) id g9S6r29d013447; Sun, 27 Oct 2002 22:53:02 -0800 (PST) Message-Id: <200210280653.g9S6r29d013447@www.freebsd.org> Date: Sun, 27 Oct 2002 22:53:02 -0800 (PST) From: Marty Combs To: freebsd-gnats-submit@FreeBSD.org X-Send-Pr-Version: www-1.0 Subject: misc/44554: GNATS regularly mined by spammers for e-mail addresses Sender: owner-freebsd-bugs@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org >Number: 44554 >Category: misc >Synopsis: GNATS regularly mined by spammers for e-mail addresses >Confidential: no >Severity: non-critical >Priority: medium >Responsible: freebsd-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: change-request >Submitter-Id: current-users >Arrival-Date: Sun Oct 27 23:00:03 PST 2002 >Closed-Date: >Last-Modified: >Originator: Marty Combs >Release: 4.7 >Organization: >Environment: FreeBSD localhost.localdomain 4.7-RELEASE FreeBSD 4.7-RELEASE #0: Wed Oct 9 15:08:34 GMT 2002 root@builder.freebsdmall.com:/usr/obj/usr/src/sys/GENERIC i386 >Description: Within 1 week of someone replying to a comment I made on GNATS about a potential bug (Problem ID#39148), spammers mined the To: or From: fields left in the e-mail by GNATS and began sending spam to that e-mail address. Obviously the e-mail address listed is invalid, but can be determined by looking at the original GNATS problem ID# listed above. >How-To-Repeat: Create an e-mail address, make a comment on any bug listed in GNATS and wait a week or two. >Fix: Set up GNATS to filter out all From, To, or Cc header fields replacing them with generic ones. Users interested in a particular bug can opt in to receive e-mails about that bug much like bugzilla. >Release-Note: >Audit-Trail: >Unformatted: To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-bugs" in the body of the message