You are viewing a plain text version of this content. The canonical link for it is here.
Posted to general@gump.apache.org by "Adam R. B. Jack" <aj...@apache.org> on 2004/08/04 20:49:12 UTC
Spam hijacking Gump content...
This is a new one on me (and new for Gump, I believe). Gump's content was
cloned to carry a bogus URL.
http://nagoya.apache.org/eyebrowse/ReadMsg?listName=commons-dev@jakarta.apache.org&msgNo=54193
Note the nasty little URL inserted at the top of the mail...
regards
Adam
--
Have you Gump'ed your code today?
http://gump.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: general-unsubscribe@gump.apache.org
For additional commands, e-mail: general-help@gump.apache.org
Re: Spam hijacking Gump content...
Posted by Nick Chalko <ni...@chalko.com>.
>
> Not sure what we can do about that. Especially if they are forging
> the envelope headers to be someone on the list. *shrug*
>
> How does Gump feel about digital signatures of its messages? ;-) --
> justin
>
That is a cool Idea,
Several security concerns about the process running gump.
Also then the GUMP users would have to subscribe to the list.
However unless the list rejects unsigned emails, it will hardly fix
prevent the problem.
R,
Nick
Re: Spam hijacking Gump content...
Posted by Justin Erenkrantz <je...@apache.org>.
--On Wednesday, August 4, 2004 12:33 PM -0700 "Adam R. B. Jack"
<aj...@apache.org> wrote:
> I suspect they simply subscribed, and replied to the mail Gump just sent.
> That makes it seem a human action. That said, I've not examined headers or
> anything to know. Ought the Jakarta PMC be notified? Sorry if it is an FAQ,
> but was do we do with such content (links) in our archives?
We can't remove it from the archives. We have a lot of third-parties who
archive our mailing lists - we can't control them.
My advice is to ignore it and move on with trying to get Gump to sign its
messages. *shrug* -- justin
---------------------------------------------------------------------
To unsubscribe, e-mail: general-unsubscribe@gump.apache.org
For additional commands, e-mail: general-help@gump.apache.org
Re: Spam hijacking Gump content...
Posted by "Adam R. B. Jack" <aj...@apache.org>.
>> Note the nasty little URL inserted at the top of the mail...
>
> Clever. Did they just take a message in the archive and prepend that line?
I suspect they simply subscribed, and replied to the mail Gump just sent.
That makes it seem a human action. That said, I've not examined headers or
anything to know. Ought the Jakarta PMC be notified? Sorry if it is an
FAQ, but was do we do with such content (links) in our archives?
> Not sure what we can do about that. Especially if they are forging the
> envelope headers to be someone on the list. *shrug*
>
> How does Gump feel about digital signatures of its messages? ;-) -- justin
Increasingly open minded. ;-) If there is anything Gump can do to make
this more difficult, please let us know. Interestingly though, I can't
imagine that this isn't doable with any mail thread, not just Gump
messages. I just happened to stumble onto this one 'cos I read try to
read Gump initiated threads.
regards
Adam
---------------------------------------------------------------------
To unsubscribe, e-mail: general-unsubscribe@gump.apache.org
For additional commands, e-mail: general-help@gump.apache.org
Re: Spam hijacking Gump content...
Posted by Justin Erenkrantz <je...@apache.org>.
--On Wednesday, August 4, 2004 11:49 AM -0700 "Adam R. B. Jack"
<aj...@apache.org> wrote:
> This is a new one on me (and new for Gump, I believe). Gump's content was
> cloned to carry a bogus URL.
>
> http://nagoya.apache.org/eyebrowse/ReadMsg?listName=commons-dev@jakarta.apac
> he.org&msgNo=54193
>
> Note the nasty little URL inserted at the top of the mail...
Clever. Did they just take a message in the archive and prepend that line?
Not sure what we can do about that. Especially if they are forging the
envelope headers to be someone on the list. *shrug*
How does Gump feel about digital signatures of its messages? ;-) -- justin
---------------------------------------------------------------------
To unsubscribe, e-mail: general-unsubscribe@gump.apache.org
For additional commands, e-mail: general-help@gump.apache.org