www/59890: send-pr database is spam harvested
Marc van Woerkom
marc.vanwoerkom at fernuni-hagen.de
Mon Dec 1 21:40:20 PST 2003
>Number: 59890
>Category: www
>Synopsis: send-pr database is spam harvested
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: freebsd-www
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: change-request
>Submitter-Id: current-users
>Arrival-Date: Mon Dec 01 21:40:16 PST 2003
>Closed-Date:
>Last-Modified:
>Originator: Marc van Woerkom
>Release: FreeBSD 4.9-STABLE i386
>Organization:
FernUniversitaet in Hagen
>Environment:
System: FreeBSD es-i2.fernuni-hagen.de 4.9-STABLE FreeBSD 4.9-STABLE #0: Tue Nov 25 09:44:27 CET 2003 root at es-i2.fernuni-hagen.de:/easyraidhome/usr/obj/easyraidhome/usr/src/sys/Compaq-ES i386
>Description:
Send PR, get SPAM in return!
On 18th November I sent a PR to the FreeBSD project.
Because I was not able to use the web form anymore (closed) and
my FreeBSD machine had no sendmail working, I was using another
machine for the first time to send mail:
Date: Tue, 18 Nov 2003 19:35:31 +0100 (CET)
From: Marc van Woerkom <woerkom at es-i2.fernuni-hagen.de>
http://www.freebsd.org/cgi/query-pr.cgi?pr=59429&f=raw
Today I filed a second PR and was surprised, when I looked
into the Mail folder:
1 27-Sep root at es-i2.fernuni-hagen. [8] mailstore ist voll
2 20-Nov trevor01 at epatra.com [62] Partnership Required!
3 21-Nov auto-operator at FernUni-Hag [85] Virus in Nachricht virus-20031121-191645-15826 von <viviane.marazzi at wanadoo.fr> an Sie
4 21-Nov auto-operator at FernUni-Hag [85] Virus in Nachricht virus-20031121-205219-2202 von <viviane.marazzi at wanadoo.fr> an Sie
5 25-Nov auto-operator at FernUni-Hag [85] Virus in Nachricht virus-20031125-031522-14028 von <sbodin at telusplanet.net> an Sie
6 25-Nov auto-operator at FernUni-Hag [85] Virus in Nachricht virus-20031125-141113-10395 von <urbantv.besancon at wanadoo.fr> an Sie
7 25-Nov auto-operator at FernUni-Hag [85] Virus in Nachricht virus-20031125-145956-26755 von <urbantv.besancon at wanadoo.fr> an Sie
8 27-Nov auto-operator at FernUni-Hag [85] Virus in Nachricht virus-20031127-002326-14305 von <sbodin at telusplanet.net> an Sie
9 30-Nov auto-operator at FernUni-Hag [85] Virus in Nachricht virus-20031130-154522-823 von <newdsc.agency at alico.com.eg> an Sie
10 30-Nov auto-operator at FernUni-Hag [85] Virus in Nachricht virus-20031130-191301-3919 von <jean.casteignau at wanadoo.fr> an Sie
11 1-Dec auto-operator at FernUni-Hag [85] Virus in Nachricht virus-20031201-075100-25393 von <newdsc.agency at alico.com.eg> an Sie
Message 1 was a regular internal message; it was sent on 27th September.
Note that no mail came in for nearly a month.
Then from 20th November, a spam mail drops in, and then lots of virus infected mails!
As I only sent one mail out in the world before, two days before the junk mail series, this is proof
that someone harvests the incoming PRs for active email addresses. :-(
>How-To-Repeat:
Get a fresh email account.
Send PR.
>Fix:
I don't know.
Perhaps one should filter out the email addresses, and should make
them only accessible via the web interface, after some query link,
or login procedure.
How annoying.
Regards,
Marc
>Release-Note:
>Audit-Trail:
>Unformatted:
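
One way to apply the filtering suggested under >Fix:, as an added example that is not part of the original report and not the FreeBSD PR system's own code: mask every address in the raw PR text unless the viewer is logged in. The names `redact_addresses`, `render_pr` and `SAMPLE_PR` are hypothetical, and the sample report is constructed.

```python
import re

# Matches "user@host.tld" and the archive-style "user at host.tld", which a
# harvester reverses trivially. The " at " form can also hit ordinary prose
# ("look at example.org"); over-redaction is the safe direction here.
ADDR = re.compile(
    r"(?P<local>[A-Za-z0-9._%+-]+)"
    r"(?:@|[ \t]+at[ \t]+)"
    r"(?P<domain>[A-Za-z0-9-]+(?:\.[A-Za-z0-9-]+)+)"
)


def redact_addresses(raw):
    """Return (redacted_text, seen), where seen maps each address to its token number.

    The same address always gets the same token inside one PR, so readers
    can still tell submitters apart without seeing the address itself.
    """
    seen = {}

    def repl(match):
        key = (match.group("local") + "@" + match.group("domain")).lower()
        number = seen.setdefault(key, len(seen) + 1)
        return "<address hidden #%d>" % number

    return ADDR.sub(repl, raw), seen


def render_pr(raw, authenticated=False):
    """Serve the unmodified PR only to logged-in viewers (assumed policy)."""
    if authenticated:
        return raw
    return redact_addresses(raw)[0]


# Constructed sample in the layout of a raw PR; not taken from a real report.
SAMPLE_PR = """\
From: Jane Doe <jdoe@host.example.org>
>Originator: Jane Doe
>Environment:
System: FreeBSD host.example.org 4.9-STABLE root at host.example.org:/usr/obj/usr/src/sys/GENERIC i386
>Description:
Reply to jdoe at host.example.org or JDoe@Host.Example.ORG.
"""

if __name__ == "__main__":
    print(render_pr(SAMPLE_PR))
```

The >Environment: line needs the same treatment as the headers, because the uname string embeds a `user at host` pair of its own.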