| From: | Alvaro Herrera <alvherre(at)commandprompt(dot)com> |
|---|---|
| To: | Magnus Hagander <magnus(at)hagander(dot)net> |
| Cc: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, Marc G(dot) Fournier <scrappy(at)hub(dot)org>, pgsql-www <pgsql-www(at)postgresql(dot)org> |
| Subject: | Re: More link spam getting through to the lists |
| Date: | 2011-06-09 14:32:51 |
| Message-ID: | 1307629584-sup-309@alvh.no-ip.org |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-www |
Excerpts from Magnus Hagander's message of jue jun 09 07:14:24 -0400 2011:
> On Wed, Jun 8, 2011 at 23:14, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> wrote:
> > Magnus Hagander <magnus(at)hagander(dot)net> writes:
> >> This was posted by someone who was actually a subscriber to the list.
> >> And does have DKIM signatures from gmail - though I don't have the
> >> tools to verify them.
> >
> >> It indicates to me that either someone got their account(s) hacked and
> >> used to send it, or a spammer is sophisticated enough to create a
> >> gmail account and subscribed it to the list before they post.. Which
> >> seems quite advanced..
> >
> > Hard to tell which it is. I believe we've seen these from a number of
> > different gmail accounts. Do we have logs showing how long somebody's
> > been subscribed? If they were recent subscribers I'd think the latter,
> > else more likely the former.
>
> No idea, unfortunately. Marc/Alvaro, do we have such a log?
I don't think so, no. Majordomo doesn't seem to keep it. I have one
for the spanish list, of course, but that's just the emails that
Majordomo sends me to notify of the subscription changes. I somehow
doubt that Marc is going to keep them for all lists.
As far as this problem goes, anyway, I've sort of seen a similar problem
in the spanish list: some long-subscribed fellow seems to get
"something" in their Hotmail account (I've seen a couple from Gmail as
well, but Hotmail seems to be more frequently affected) and they start
sending link spam such as the above.
What I did in that case was to add a rule that sends to moderation all
emails with
/^Message-Id:.*phx.gbl/i
This blocks all the bad ones coming from Hotmail, as well as some
legitimate Hotmail email. (Fortunately we have very few active Hotmail
users anyway).
I have not looked into Gmail spam. Clearly, marking all email from
gmail.com for moderation is not practical.
--
Álvaro Herrera <alvherre(at)commandprompt(dot)com>
The PostgreSQL Company - Command Prompt, Inc.
PostgreSQL Replication, Consulting, Custom Development, 24x7 support
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tom Lane | 2011-06-09 14:41:57 | Re: More link spam getting through to the lists |
| Previous Message | Magnus Hagander | 2011-06-09 11:14:24 | Re: More link spam getting through to the lists |