This morning, devel@lists.fp.o was spammed with emails such as this:
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org/message/LQEIFKPKYCUNKRIW5ZQUZTJTLSEMDKLU/
I believe that some virus abused my email address. Could you please confirm this? Is there any chance to prevent this in the future?
These emails were being originally sent by a Chinese IP address, and not rejected by our mailserver, and then bounced around. The emails have been removed from the archives, and I am now looking into how to prevent this in the future.
So there were a number of problems here:
1) spamassassin is processing emails, but mailman is not moderating/dropping high scoring ones.
2) There is some strange artifact of migration that left us with a bunch of whitelist rules that shouldn't be there.
3) local accounts were still allowed so spammers could make a local account and send from it.
3 is now closed. 2 needs to be cleaned up, perhaps by @abompard or @puiterwijk 1 needs to be fixed.
Assigning to @puiterwijk to look into monday.
Metadata Update from @kevin: - Issue assigned to puiterwijk - Issue tagged with: lists
2 has been fixed. 1 I have not seen any further concrete examples that got past, but I think that was caused by 2.
Metadata Update from @puiterwijk: - Issue close_status updated to: Fixed - Issue status updated to: Closed (was: Open)
Log in to comment on this ticket.