Opened 5 years ago

Closed 5 years ago

#16344 closed defect (fixed)

Anomalous tor-reports@ subscription requests

Reported by: atagar Owned by: weasel
Priority: Medium Milestone:
Component: Internal Services/Service - lists Version:
Severity: Normal Keywords:
Cc: qbi Actual Points:
Parent ID: Points:
Reviewer: Sponsor:


For months we've gotten complaints from folks who get anomalous subscription requests for tor-reports@. This seems to be unique to this list, and shouldn't be hard to figure out (latest report said they got 300 requests, and considering the volume of complaints I wouldn't be surprised if it's true).

If we took a look at the Mailman subscription requests for tor-reports@ I bet we'd find that gobs were comping from a single source.

Peter: Thoughts? I suspect we don't keep any logs at present and are reluctant to do so for privacy reasons. That said, Karsten and I get almost daily complaints and this seems like it could be a pretty targeted thing to investigate.

Child Tickets

Change History (7)

comment:1 Changed 5 years ago by atagar

Karsten and I are still getting complaints about this. A recent one had a possibly good suggestion: add a captcha to subscriptions. Quick search shows this is what someone else used to address this type of spam...

Should this be reassigned to the sysadmin component? I'm not sure Karsten and I have access to do any of the needful to either investigate or fix this.

comment:2 Changed 5 years ago by qbi

Cc: qbi added

comment:3 Changed 5 years ago by qbi

Severity: Normal

Most of the subscription requests come from a site called I changed the Apache settings to look for the referer. If there is a mailbait referer, which wants to subscribe to some mailing list, the request will get a 403 response. So I hope this helps to resolve this ticket.

comment:4 Changed 5 years ago by atagar

Great, thanks qbi!

comment:5 Changed 5 years ago by qbi

Resolution: fixed
Status: newclosed

I hope with my changes the issue is resolved. Thus I close the ticket.

comment:6 Changed 5 years ago by atagar

Resolution: fixed
Status: closedreopened

Reopening. Sadly we just got another report of this. :(

comment:7 Changed 5 years ago by atagar

Resolution: fixed
Status: reopenedclosed

qbi figured out what was up, it was a different spam service.

Note: See TracTickets for help on using tickets.