On 2016-08-20 09:07 +0200, Daniel Pocock wrote:
> On 18/08/16 10:48, Holger Levsen wrote:
>> On Wed, Aug 17, 2016 at 06:14:38PM +0200, Daniel Pocock wrote:
>>> I received a notification that a bug was closed.
>>>
>>> The email that closed the bug was a spam email sent to the
>>> address (bug-numb
the project, all
they have to do is put up a static web page containing all the
possible "-done" addresses and let spammers do the rest.
Daniel Pocock dijo [Wed, Aug 17, 2016 at 06:38:35PM +0200]:
> I was only talking about control emails (e.g. the -done address and
> control@). The requirements for opening bugs or submitting comments
> (without pseudo-headers) could remain as they are.
>
> Maybe it could insist that emails from a
On 2016-08-18 16:13:29 +0200, Patrick Matthäi wrote:
>
> Am 18.08.2016 um 15:48 schrieb Vincent Lefevre:
> > Reject mail with "X-PHP-Originating-Script:", at least for -done?
> > I quite often see this in spam not caught by the filters, and I
> > suppose that PHP scripts do not send mail to the BT
Am 18.08.2016 um 15:48 schrieb Vincent Lefevre:
> Reject mail with "X-PHP-Originating-Script:", at least for -done?
> I quite often see this in spam not caught by the filters, and I
> suppose that PHP scripts do not send mail to the BTS; well, this
> should be easy to see with the archives.
Then y
On 2016-08-17 14:47:24 -0500, Don Armstrong wrote:
> All of that said, we certainly do appreciate better anti-spam SA rules
> for the BTS, and we do already give negative scores for messages which
> have things which look like PGP signatures and/or come from an address
> which is in the whitelist.
On Wed, Aug 17, 2016 at 06:14:38PM +0200, Daniel Pocock wrote:
> I received a notification that a bug was closed.
>
> The email that closed the bug was a spam email sent to the address
> (bug-number)-d...@bugs.debian.org
[...]
> Maybe time to start requiring PGP signatures on control emails to t
Daniel Pocock writes:
> I was only talking about control emails (e.g. the -done address and
> control@). The requirements for opening bugs or submitting comments
> (without pseudo-headers) could remain as they are.
I don't believe the spammer intended to close the bug. The bug
had already been
On Wed, 17 Aug 2016, Daniel Pocock wrote:
> I received a notification that a bug was closed.
>
> The email that closed the bug was a spam email sent to the address
> (bug-number)-d...@bugs.debian.org
>
>
> https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=737921
>
> Maybe time to start requir
; Requiring signature will increase the level to send bugs to the BTS
> for external people. And spammers could add a signature.
>
> An attempt to improve the first proposal: - If a bug report has a
> valid signature from the Debian web of trust, we could consider it
> as valid. - If no s
On 17/08/16 18:29, gustavo panizzo wrote:
> On Wed, Aug 17, 2016 at 06:14:38PM +0200, Daniel Pocock wrote:
>>
>>
>> I received a notification that a bug was closed.
>>
>> The email that closed the bug was a spam email sent to the
>> address (bug-number)-d...@bugs.debian.org
>>
>>
>> https:/
Hello,
Le 17/08/2016 à 18:14, Daniel Pocock a écrit :
> https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=737921
>
> Maybe time to start requiring PGP signatures on control emails to the BTS?
Requiring signature will increase the level to send bugs to the BTS for
external people. And
On Wed, Aug 17, 2016 at 06:14:38PM +0200, Daniel Pocock wrote:
>
>
> I received a notification that a bug was closed.
>
> The email that closed the bug was a spam email sent to the address
> (bug-number)-d...@bugs.debian.org
>
>
> https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=737921
It w
I received a notification that a bug was closed.
The email that closed the bug was a spam email sent to the address
(bug-number)-d...@bugs.debian.org
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=737921
Maybe time to start requiring PGP signatures on control emails to the BTS?
iption : Apache 2.x module intended to block spammers using DNSBL
servers
mod_defensible is an Apache 2.x module intended to block spammers using
DNSBL servers. It will look at the client IP and check it in one or
several DNSBL servers and return a 403 Forbidden page to the client.
I just got another piece of spam today, nothing unusual in that,
but it seems that this one was at least going through a package
description, as the recipients included me and the upstream of a package I
manage, along with three other maintainers. I'd like to know how these
three got on the
16 matches
Mail list logo
