You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@spamassassin.apache.org by bu...@bugzilla.spamassassin.org on 2011/08/29 16:02:20 UTC
[Bug 6656] New: sa-update could send more information to help
mirrors/project track issues
https://issues.apache.org/SpamAssassin/show_bug.cgi?id=6656
Bug #: 6656
Summary: sa-update could send more information to help
mirrors/project track issues
Product: Spamassassin
Version: SVN Trunk (Latest Devel Version)
Platform: PC
OS/Version: Windows 7
Status: NEW
Severity: normal
Priority: P2
Component: sa-update
AssignedTo: dev@spamassassin.apache.org
ReportedBy: kmcgrail@pccc.com
Classification: Unclassified
I believe sa-update and documentation should be changed to include sending more
information via the user-agent:
internal IP
internal system name
*nix distro (if applicable)
This information is only accessible by mirror admins and is for the long-term
administration of the sa-update project.
It will hopefully let us identify abusers, problematic installs and
distributions that need fixing.
--
Configure bugmail: https://issues.apache.org/SpamAssassin/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
[Bug 6656] sa-update could send more information to help
mirrors/project track issues
Posted by bu...@bugzilla.spamassassin.org.
https://issues.apache.org/SpamAssassin/show_bug.cgi?id=6656
Michael Scheidell <sc...@secnap.net> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |scheidell@secnap.net
--- Comment #1 from Michael Scheidell <sc...@secnap.net> 2011-12-31 10:56:59 UTC ---
I (as a mirror operator) would appreciate this,
However, as a security/privacy professional, I would be upset to the MAX if
sa-update was sending my internal (behind nat) private ip address.
I believe it would violate privacy and security policies at major companies,
and could possibly even violate EU data privacy and protection laws.
(we also do IT security audits, and no, you don't want to give ANYONE, a clue
about your internal structure).
Trust the sa-update ops? yep, good, then why pgp signatures?
Post this question in sa users group, and don't do it like a poster for a
political party:
1) should we reveal internal private information about your network to
sa-update operators.
or
2) should we improve sa-update?
(be careful how you approach question.. )
--
Configure bugmail: https://issues.apache.org/SpamAssassin/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.