A new spam thread was posted to the Fedora Ambassadors mailing list. This post should be scrubbed and the poster removed/unsubscribed from the list:
https://lists.fedoraproject.org/archives/list/ambassadors@lists.fedoraproject.org/thread/TMYUFCP62KC44R3D4F2BI66RPMWGX7G2/
As soon as possible.
This is going on about 200+ email lists at the moment. I am blocking people as quickly as I can but I can not delete all of the stuff which has shown up.
So currently I have banned the two addresses used in the last 12 hours. There are about 400 spam messages of which I have deleted 120 or so. They are continuing to try and subscribe to lists and will probably add some more after they realize these two have been blocked. I need to go deal with work issues so going to need clean up of the rest of the archived spam to someone else.
Oh no. 😕 I didn't realize it was so widespread. Thanks for being on top of it @smooge.
I think I have cleaned out all the current spam except for one site I need to see why 'posts' to closed lists were still allowed.
The attack seems to go as follows: Create a google.com email account Use that to web-authenticate to lists.fedoraproject.org Use a web-program to grab all the lists Then use that program to subscribe to all the lists Go through the lists and post to them Then trigger various search Bots to scan that particular page (I am guessing to get paid in that if the search engine says the page was created and they watched it.. the work was done)
Repeat with a new email alias when the last one gets blocked.
More spam here
deleted, banned and blocked.
Metadata Update from @zlopez: - Issue priority set to: Waiting on Assignee (was: Needs Review) - Issue tagged with: low-trouble, medium-gain, ops
Metadata Update from @zlopez: - Issue close_status updated to: Fixed - Issue status updated to: Closed (was: Open)
Log in to comment on this ticket.