[Tracker-discuss] [Pydotorg] Fwd: spamvertised content on bugs.python.org
Erik Forsberg
forsberg at efod.se
Mon May 14 15:41:58 CEST 2007
måndag 14 maj 2007 15:10 skrev Barry Warsaw:
Being in a hurry, I just wanted to let you know that I've moved the files that
correspond to the spam content which means the spam content is no longer
served by bugs.python.org.
We'll have to intensify the work on getting better anti-spam measures in
place. I've begun writing some detailed hints on how to implement issue105 in
the meta tracker, but ran out of time yesterday before completion.
Regards,
\EF - not normally a top-poster.. :-)
> On May 14, 2007, at 4:54 AM, Brad Knowles wrote:
> > Looks like we're having some problems within the bug tracking system,
> > and I'm not quite sure where to report this one.
>
> I think the meta-tracker is the right place to report this:
>
> http://psf.upfronthosting.co.za/roundup/meta/
>
> as is the tracker-discuss at python.org mailing list.
>
> > We should probably also re-check all of our other systems to ensure
> > that they are secure.
>
> The Roundup tracker is still beta so I know that those guys have been
> working hard to address issues like this. As far as other systems
> go, I think the wiki has been plagued by spam in the past, though
> ISTR reading that certain recent measures have helped here too.
>
> > Barry -- I imagine we'll want to check all known blacklists to ensure
> > that our IP address(es) either has/have not been added as a result of
> > this activity, or that we get it/them removed as quickly as possible.
> >
> > I'll do an initial run on that process right after I send this
> > message (checking all the IP addresses, hostnames, URLs, etc... that
> > I know about using all the blacklist checking resources I know
> > about), but you'll probably want to followup as soon as you can.
>
> Brad, I really appreciate you looking into this. I don't know when
> I'll have time to look into this, but if there's anything specific
> you want me to look at, let me know. I'll try to hang out on
> #pydotorg today.
>
> [quoting the rest of the message for the benefit of tracker-discuss -
> BAW]
>
> -Barry
>
> > Lets see how quickly we can get this issue resolved. I'd followup
> > with immediate telephone calls right now, but I don't have any
> > numbers for anyone, and since it's 3:50AM CDT, I figure most of the
> > US people are probably asleep. I might be able to catch a few people
> > in Europe, but that would include the likes of Vincent and this
> > message demonstrates that they're probably already doing everything
> > they can.
> >
> > We'll want to address that telephone escalation issue in the "lessons
> > learned" session after we've dealt with the initial fallout.
> >
> >
> > Here we go....
> >
> > --- begin forwarded text
> >
> > Delivered-To: postmaster at bag.python.org
> > Date: Mon, 14 May 2007 09:21:02 +0200
> > From: Vincent
> > Organization: XS4ALL Internet BV
> > Cc: postmaster at python.org
> > Subject: spamvertised content on bugs.python.org
> >
> > Hello,
> >
> > It appears that spammers have uploaded some files to bugs.python.org
> > (and perhaps other places) with the intention to abuse the system as
> > a spamvertised-website hosting system.
> >
> > Here are some URLs that have been reported to us (as actual spam-
> > reports):
> >
> > http://bugs.python.org/file7737/strippers456.html
> > http://bugs.python.org/file7733/squirt.html
> > http://bugs.python.org/file7735/stocking.html
> > http://bugs.python.org/file7738/strippers.html
> > http://bugs.python.org/file7741/swingers5236.html
> > http://bugs.python.org/file7739/stripping.html
> > http://bugs.python.org/file7740/sucking.html
> > http://bugs.python.org/file7742/swingers.html
> >
> > I'd recommend you examine the logs for the bug tracking system to
> > find any accounts related to this one and close them. This type of
> > abuse has recently taken off; it might be useful to re-examine the
> > measures in place to prevent this and other abuse of the bug-tracking
> > system.
> > --
> > XS4ALL Abuse http://www.xs4all.nl/veiligheid/
> > XS4ALL Internet B.V. Diemen KvK 33287534
> >
> > --- end forwarded text
> >
> >
> > --
> > Brad Knowles <brad at python.org>
> > Member of the Python.org Postmaster Team
> > Co-moderator of mailman-users and mailman-developers mailing lists
> >
> > 09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0
> > _______________________________________________
> > Pydotorg mailing list
> > Pydotorg at python.org
> > http://mail.python.org/mailman/listinfo/pydotorg
>
> _______________________________________________
> Tracker-discuss mailing list
> Tracker-discuss at python.org
> http://mail.python.org/mailman/listinfo/tracker-discuss
--
http://efod.se/
More information about the Tracker-discuss
mailing list