Date: Tue, 2 Dec 2003 06:37:57 +0100 (CET) From: Marc van Woerkom <marc.vanwoerkom@fernuni-hagen.de> To: FreeBSD-gnats-submit@FreeBSD.org Cc: marc.vanwoerkom@fernuni-hagen.de Subject: www/59890: send-pr database is spam harvested Message-ID: <20031202053757.0A236616F@es-i2.fernuni-hagen.de> Resent-Message-ID: <200312020540.hB25eGek011146@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 59890 >Category: www >Synopsis: send-pr database is spam harvested >Confidential: no >Severity: serious >Priority: medium >Responsible: freebsd-www >State: open >Quarter: >Keywords: >Date-Required: >Class: change-request >Submitter-Id: current-users >Arrival-Date: Mon Dec 01 21:40:16 PST 2003 >Closed-Date: >Last-Modified: >Originator: Marc van Woerkom >Release: FreeBSD 4.9-STABLE i386 >Organization: FernUniversitaet in Hagen >Environment: System: FreeBSD es-i2.fernuni-hagen.de 4.9-STABLE FreeBSD 4.9-STABLE #0: Tue Nov 25 09:44:27 CET 2003 root@es-i2.fernuni-hagen.de:/easyraidhome/usr/obj/easyraidhome/usr/src/sys/Compaq-ES i386 >Description: Send PR, get SPAM in return! On 18th November I sent an PR to the FreeBSD project. Because I was not able to use the web form anymore (closed) and my FreeBSD machine had no sendmail working, I was using another machine for the first time to send mail: Date: Tue, 18 Nov 2003 19:35:31 +0100 (CET) From: Marc van Woerkom <woerkom@es-i2.fernuni-hagen.de> http://www.freebsd.org/cgi/query-pr.cgi?pr=59429&f=raw Today I filed a second PR and was surprised, when I looked into the Mail folder: 1 27-Sep root@es-i2.fernuni-hagen. [8] mailstore ist voll 2 20-Nov trevor01@epatra.com [62] Partnership Required! 3 21-Nov auto-operator@FernUni-Hag [85] Virus in Nachricht virus-20031121-191645-15826 von <viviane.marazzi@wanadoo.fr> an Sie 4 21-Nov auto-operator@FernUni-Hag [85] Virus in Nachricht virus-20031121-205219-2202 von <viviane.marazzi@wanadoo.fr> an Sie 5 25-Nov auto-operator@FernUni-Hag [85] Virus in Nachricht virus-20031125-031522-14028 von <sbodin@telusplanet.net> an Sie 6 25-Nov auto-operator@FernUni-Hag [85] Virus in Nachricht virus-20031125-141113-10395 von <urbantv.besancon@wanadoo.fr> an Sie 7 25-Nov auto-operator@FernUni-Hag [85] Virus in Nachricht virus-20031125-145956-26755 von <urbantv.besancon@wanadoo.fr> an Sie 8 27-Nov auto-operator@FernUni-Hag [85] Virus in Nachricht virus-20031127-002326-14305 von <sbodin@telusplanet.net> an Sie 9 30-Nov auto-operator@FernUni-Hag [85] Virus in Nachricht virus-20031130-154522-823 von <newdsc.agency@alico.com.eg> an Sie 10 30-Nov auto-operator@FernUni-Hag [85] Virus in Nachricht virus-20031130-191301-3919 von <jean.casteignau@wanadoo.fr> an Sie 11 1-Dec auto-operator@FernUni-Hag [85] Virus in Nachricht virus-20031201-075100-25393 von <newdsc.agency@alico.com.eg> an Sie Message 1 was regular internal message, it was sent on 27th September. Note that no mail came in for nearly a month. Then from 20th November, a spam mail drops in, and then lots of virus infected mails! As I only sent one mail out in the world before, two days before the junk mail series, this is proof that someone harvests the incoming PRs for active email addresses. :-( >How-To-Repeat: Get a fresh email account. Send PR. >Fix: I don't know. Perhaps one should filter out the email addresses, and should make them only accessible via the web interface, after some query link, or login procedure. What annoying. Regards, Marc >Release-Note: >Audit-Trail: >Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20031202053757.0A236616F>