You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@subversion.apache.org by Edmund Wong <ed...@belfordhk.com> on 2009/10/21 05:30:03 UTC
Re: ** SPAM ** : [WARNING: VIRUS REMOVED]price-21-Oct-2009
Hi,
It seems as if this Aym-nvs have been given the
green light to post on this list w/o moderation.
Can any administrator please remove it from
the list of permitted posters?
Btw, moderators can't remove posters only admins
can, right?
Edmund
------------------------------------------------------
http://subversion.tigris.org/ds/viewMessage.do?dsForumId=462&dsMessageId=2409640
Re: ** SPAM ** : [WARNING: VIRUS REMOVED]price-21-Oct-2009
Posted by Lorenz <lo...@yahoo.com>.
Edmund Wong wrote:
>It seems as if this Aym-nvs have been given the
>green light to post on this list w/o moderation.
>Can any administrator please remove it from
>the list of permitted posters?
>
>Btw, moderators can't remove posters only admins
>can, right?
and there is:
'Notice about your recent message to svn@subversion.tigris.org'
too
--
Lorenz
------------------------------------------------------
http://subversion.tigris.org/ds/viewMessage.do?dsForumId=462&dsMessageId=2409645
Re: ** SPAM ** : [WARNING: VIRUS REMOVED]price-21-Oct-2009
Posted by Jack Repenning <jr...@collab.net>.
On Oct 21, 2009, at 5:17 PM, Paul Charlton wrote:
> General question here ... does it appear that the account of someone
> real
> was hijacked by a botnet, or did the bot manage to register itself?
> I have
> seen a similar problem on other list servers in the past 2 weeks ...
I think the address describes a real person. There are (non-
subscriber) posts in several projects with that email address, a real
human name, and legitimate-sounding questions and comments.
Here's one example:
http://subversion.tigris.org/ds/viewMessage.do?dsForumId=462&dsMessageId=986384
I can only speculate how this got hijacked, but it looks not
inconsistent with a mailer virus, so perhaps the user just needs a
hygiene lesson?
-==-
Jack Repenning
Chief Technology Officer
CollabNet, Inc.
8000 Marina Boulevard, Suite 600
Brisbane, California 94005
office: +1 650.228.2562
twitter: http://twitter.com/jrep
------------------------------------------------------
http://subversion.tigris.org/ds/viewMessage.do?dsForumId=462&dsMessageId=2410037
RE: ** SPAM ** : [WARNING: VIRUS REMOVED]price-21-Oct-2009
Posted by Paul Charlton <te...@byiq.com>.
General question here ... does it appear that the account of someone real
was hijacked by a botnet, or did the bot manage to register itself? I have
seen a similar problem on other list servers in the past 2 weeks ...
Best regards,
Paul
-----Original Message-----
From: Jack Repenning [mailto:jrepenning@collab.net]
Sent: Wednesday, October 21, 2009 1:15 PM
To: Greg Stein
Cc: Edmund Wong; dev@subversion.tigris.org
Subject: Re: ** SPAM ** : [WARNING: VIRUS REMOVED]price-21-Oct-2009
On Oct 21, 2009, at 12:36 AM, Greg Stein wrote:
> Jack: when I visit the Subscribers and click thru to "Remove
> subscriber", it lists this email address three times. I select the
> three address and hit the button, but it throws an error. On the
> regular list of subscribers, if I filter (by email address) to this, I
> get the three, but am unable to adjust their trusted/active markers
> (another error is thrown). ... maybe some kind of integrity constraint
> violation occurring?
No, it's a display bug. What this really means is that these addresses
are subscribed to some *other* list, but are being mis-displayed here.
I'll take a look, but in case you're in this state again, the thing to
do is to try to find them in some other list an remove them there.
Fix for this has been committed, but not applied to Tigris yet (caught
up in the change set that we had to roll back). Current ETA for making
that fix set actually happen is still a few weeks off. Fortunately,
some of that delay is due to "being more careful this time."
-==-
Jack Repenning
Chief Technology Officer
CollabNet, Inc.
8000 Marina Boulevard, Suite 600
Brisbane, California 94005
office: +1 650.228.2562
twitter: http://twitter.com/jrep
------------------------------------------------------
http://subversion.tigris.org/ds/viewMessage.do?dsForumId=462&dsMessageId=240
9943
------------------------------------------------------
http://subversion.tigris.org/ds/viewMessage.do?dsForumId=462&dsMessageId=2410017
Re: ** SPAM ** : [WARNING: VIRUS REMOVED]price-21-Oct-2009
Posted by Jack Repenning <jr...@collab.net>.
On Oct 21, 2009, at 12:36 AM, Greg Stein wrote:
> Jack: when I visit the Subscribers and click thru to "Remove
> subscriber", it lists this email address three times. I select the
> three address and hit the button, but it throws an error. On the
> regular list of subscribers, if I filter (by email address) to this, I
> get the three, but am unable to adjust their trusted/active markers
> (another error is thrown). ... maybe some kind of integrity constraint
> violation occurring?
No, it's a display bug. What this really means is that these addresses
are subscribed to some *other* list, but are being mis-displayed here.
I'll take a look, but in case you're in this state again, the thing to
do is to try to find them in some other list an remove them there.
Fix for this has been committed, but not applied to Tigris yet (caught
up in the change set that we had to roll back). Current ETA for making
that fix set actually happen is still a few weeks off. Fortunately,
some of that delay is due to "being more careful this time."
-==-
Jack Repenning
Chief Technology Officer
CollabNet, Inc.
8000 Marina Boulevard, Suite 600
Brisbane, California 94005
office: +1 650.228.2562
twitter: http://twitter.com/jrep
------------------------------------------------------
http://subversion.tigris.org/ds/viewMessage.do?dsForumId=462&dsMessageId=2409943
Re: ** SPAM ** : [WARNING: VIRUS REMOVED]price-21-Oct-2009
Posted by Greg Stein <gs...@gmail.com>.
On Wed, Oct 21, 2009 at 16:37, Jack Repenning <jr...@collab.net> wrote:
> On Oct 21, 2009, at 12:36 AM, Greg Stein wrote:
>
>> I've attempted to remove the email address, but tigris seems to have
>> some issues with it.
>
> As it turns out, the address is subscribed to announce@, dev@, and users@
> (all for subversion.tigris.org). The "users@" sub is the one that was
> actually "trusted". I removed that trust bit. The address is still
> subscribed to all three lists, but is no longer "trusted" in any of them.
>
> I'm interested in learning more about the incident. In particular, what
> first drew attention to this? From our understanding of the bug I mentioned,
> it screws up the display but the lists still act right. That is, since this
> address was in fact only marked "trusted" for users@ (whatever the
> screwed-up UI was saying), the address only had unmoderated posting rights
> in users@. If you have seen behavior that makes you doubt this, please tell
> me more!
I was somehow able to get one of the Trusted flags unchecked (there
*were* two, got one unchecked, leaving the one you saw). Must have
been the dev@ list (where we saw an anti-spam removal report come in
from that address).
Cheers,
-g
------------------------------------------------------
http://subversion.tigris.org/ds/viewMessage.do?dsForumId=462&dsMessageId=2409971
Re: ** SPAM ** : [WARNING: VIRUS REMOVED]price-21-Oct-2009
Posted by Jack Repenning <jr...@collab.net>.
On Oct 21, 2009, at 12:36 AM, Greg Stein wrote:
> I've attempted to remove the email address, but tigris seems to have
> some issues with it.
As it turns out, the address is subscribed to announce@, dev@, and
users@ (all for subversion.tigris.org). The "users@" sub is the one
that was actually "trusted". I removed that trust bit. The address is
still subscribed to all three lists, but is no longer "trusted" in any
of them.
I'm interested in learning more about the incident. In particular,
what first drew attention to this? From our understanding of the bug I
mentioned, it screws up the display but the lists still act right.
That is, since this address was in fact only marked "trusted" for
users@ (whatever the screwed-up UI was saying), the address only had
unmoderated posting rights in users@. If you have seen behavior that
makes you doubt this, please tell me more!
-==-
Jack Repenning
Chief Technology Officer
CollabNet, Inc.
8000 Marina Boulevard, Suite 600
Brisbane, California 94005
office: +1 650.228.2562
twitter: http://twitter.com/jrep
------------------------------------------------------
http://subversion.tigris.org/ds/viewMessage.do?dsForumId=462&dsMessageId=2409955
Re: ** SPAM ** : [WARNING: VIRUS REMOVED]price-21-Oct-2009
Posted by Greg Stein <gs...@gmail.com>.
I've attempted to remove the email address, but tigris seems to have
some issues with it.
Jack: when I visit the Subscribers and click thru to "Remove
subscriber", it lists this email address three times. I select the
three address and hit the button, but it throws an error. On the
regular list of subscribers, if I filter (by email address) to this, I
get the three, but am unable to adjust their trusted/active markers
(another error is thrown). ... maybe some kind of integrity constraint
violation occurring?
Cheers,
-g
On Wed, Oct 21, 2009 at 01:30, Edmund Wong <ed...@belfordhk.com> wrote:
> Hi,
>
> It seems as if this Aym-nvs have been given the
> green light to post on this list w/o moderation.
> Can any administrator please remove it from
> the list of permitted posters?
>
> Btw, moderators can't remove posters only admins
> can, right?
>
>
> Edmund
>
> ------------------------------------------------------
> http://subversion.tigris.org/ds/viewMessage.do?dsForumId=462&dsMessageId=2409640
>
------------------------------------------------------
http://subversion.tigris.org/ds/viewMessage.do?dsForumId=462&dsMessageId=2409665