www/59890: send-pr database is spam harvested

Marc van Woerkom marc.vanwoerkom at fernuni-hagen.de
Mon Dec 1 21:40:20 PST 2003 

>Number:         59890
>Category:       www
>Synopsis:       send-pr database is spam harvested
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    freebsd-www
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          change-request
>Submitter-Id:   current-users
>Arrival-Date:   Mon Dec 01 21:40:16 PST 2003
>Closed-Date:
>Last-Modified:
>Originator:     Marc van Woerkom
>Release:        FreeBSD 4.9-STABLE i386
>Organization:
FernUniversitaet in Hagen
>Environment:
System: FreeBSD es-i2.fernuni-hagen.de 4.9-STABLE FreeBSD 4.9-STABLE #0: Tue Nov 25 09:44:27 CET 2003 root at es-i2.fernuni-hagen.de:/easyraidhome/usr/obj/easyraidhome/usr/src/sys/Compaq-ES i386


	
>Description:
Send PR, get SPAM in return!

On 18th November I sent an PR to the FreeBSD project.
Because I was not able to use the web form anymore (closed) and
my FreeBSD machine had no sendmail working, I was using another
machine for the first time to send mail: 

  Date: Tue, 18 Nov 2003 19:35:31 +0100 (CET)
  From: Marc van Woerkom <woerkom at es-i2.fernuni-hagen.de>

  http://www.freebsd.org/cgi/query-pr.cgi?pr=59429&f=raw

Today I filed a second PR and was surprised, when I looked
into the Mail folder:

   1  27-Sep  root at es-i2.fernuni-hagen.   [8] mailstore ist voll
   2  20-Nov        trevor01 at epatra.com  [62] Partnership Required!
   3  21-Nov  auto-operator at FernUni-Hag  [85] Virus in Nachricht virus-20031121-191645-15826 von <viviane.marazzi at wanadoo.fr> an Sie
   4  21-Nov  auto-operator at FernUni-Hag  [85] Virus in Nachricht virus-20031121-205219-2202 von <viviane.marazzi at wanadoo.fr> an Sie
   5  25-Nov  auto-operator at FernUni-Hag  [85] Virus in Nachricht virus-20031125-031522-14028 von <sbodin at telusplanet.net> an Sie
   6  25-Nov  auto-operator at FernUni-Hag  [85] Virus in Nachricht virus-20031125-141113-10395 von <urbantv.besancon at wanadoo.fr> an Sie
   7  25-Nov  auto-operator at FernUni-Hag  [85] Virus in Nachricht virus-20031125-145956-26755 von <urbantv.besancon at wanadoo.fr> an Sie
   8  27-Nov  auto-operator at FernUni-Hag  [85] Virus in Nachricht virus-20031127-002326-14305 von <sbodin at telusplanet.net> an Sie
   9  30-Nov  auto-operator at FernUni-Hag  [85] Virus in Nachricht virus-20031130-154522-823 von <newdsc.agency at alico.com.eg> an Sie
  10  30-Nov  auto-operator at FernUni-Hag  [85] Virus in Nachricht virus-20031130-191301-3919 von <jean.casteignau at wanadoo.fr> an Sie
  11   1-Dec  auto-operator at FernUni-Hag  [85] Virus in Nachricht virus-20031201-075100-25393 von <newdsc.agency at alico.com.eg> an Sie

Message 1 was regular internal message, it was sent on 27th September.
Note that no mail came in for nearly a month.
Then from 20th November, a spam mail drops in, and then lots of virus infected mails!

As I only sent one mail out in the world before, two days before the junk mail series, this is proof 
that someone harvests the incoming PRs for active email addresses. :-(

>How-To-Repeat:
	

Get a fresh email account.
Send PR.

>Fix:

I don't know. 
Perhaps one should filter out the email addresses, and should make
them only accessible via the web interface, after some query link,
or login procedure.

What annoying.

Regards,
Marc





>Release-Note:
>Audit-Trail:
>Unformatted:

More information about the freebsd-www mailing list