Open
Bug 1112698
Opened 9 years ago
Updated 8 years ago
a lot of spam from basket@basket.mozilla.org
Categories
(www.mozilla.org :: Newsletters, defect)
Tracking
(Not tracked)
NEW
People
(Reporter: jbertsch, Unassigned)
References
Details
On Wed, Dec 17, 2014 at 11:08 AM, Amy Tsay <atsay@mozilla.com> wrote: I have 15K+ emails from basket@basket.mozilla.org since yesterday...all spam, I think. The comment field says "20". What's going on? Thanks, Amy
Reporter
Comment 1•9 years ago
Note: this is probably related to the Get Involved page set up since Amy is a steward.
Comment 2•9 years ago
Amy is the steward for the Add-Ons and Marketplace areas, which show up under Testing, Writing, and Coding on the /contribute page. Janet Swisher (who handles the documentation section) reported 10 "test" messages over the last 24 hours maybe related, maybe not, certainly not 15k.
Comment 3•9 years ago
Does sound like a spam attack. We can look into adding some spam prevention, but there is very little we've been able to do so far on other forms.
Comment 4•9 years ago
The Web Compat team reports 10k+ spam messages to their area of Get Involved, example to follow:

-------- Forwarded Message --------
Subject: Inquiry about Web Compatibility
Date: Tue, 30 Dec 2014 12:15:47 -0000
From: basket@basket.mozilla.org
To: miket@mozilla.com

Name: file:///etc/passwd
Email: sample@email.tst
Area of Interest: Web Compatibility
Language: en-US
Comment: 20

(I'm documenting this in the event that we do find resources to add spam prevention to the page, and adding Mike Taylor from Web Compat)
Comment 5•9 years ago
I'm starting to wonder if this is some security testing someone at Mozilla is doing. I'm not aware of any, but it could be. It could also just be a random script testing sites for common vulnerabilities. We'll see what we can do.
Comment 8•9 years ago
Francesco, it happened today again. Whether 1138174 should be reported as a duplicate I am not sure.
Comment 9•9 years ago
More than 500 emails for Coding, Addons and Marketplace.
Comment 10•9 years ago
I got about 11,000 emails for Web Compatibility, all from "sample@email.tst" yesterday. Made Thunderbird choke for about 40 minutes before filters could run. :'( Suggestion - add "sample@email.tst" to a blacklist immediately, and start blocking IPs/email addresses if they send more than N requests per minute.
Comment 11•8 years ago
I'm adding a bug as being dependent on this one and keeping it open for now. It's a frequent category of web bounty submission; this bug is a good exemplar. Can someone please explain what happens when an email is submitted, vs. when many are submitted at once? I just tried it out and was able to sign myself up several times. Someone could use the form to either flood one person's mailbox or flood a large list of addresses to cause Mozilla to be flagged as a spammer by blacklists etc. There are major problems with every kind of reverse Turing test [1], but there is one abuse case we could prevent: email flooding of a single user. Look up the email address, check if someone is already subscribed. If so, don't send them another mail. Say, "If you weren't already subscribed, you are now" or something like that so as not to provide an oracle to identify subscribed email addresses. Make sure to account for + in the email address since Google and other email systems allow, for example, user+something@gmail.com, ignoring the + and thereafter for delivery purposes.

1. https://www.w3.org/TR/turingtest/
No longer blocks: 1273757
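The mitigation sketched in comments 10 and 11 (rate-limit repeat requests per client, deduplicate subscriptions on a normalized address so plus-tagged variants of one mailbox only get mailed once, and return the same non-oracle message whether or not the address was already subscribed) as a small worked example. This is added illustration code, not basket's or mozilla.org's code; the in-memory subscriber set, the fake clock, the `SubscribeHandler` class and the sample addresses are all constructed assumptions for the demo, and stripping the `+tag` for every domain (not only Gmail) is a deliberate choice so that over-merging, rather than under-merging, is the failure mode.

```python
import re
import time
from collections import defaultdict, deque

# Constructed: a loose shape check so junk like "file:///etc/passwd" is rejected up front.
EMAIL_RE = re.compile(r"^[^@\s]+@[^@\s]+\.[^@\s]+$")

# Assumption: one constant reply for both the "new" and "already subscribed" cases,
# so the endpoint cannot be used to enumerate which addresses are on the list.
CONSTANT_REPLY = "If you weren't already subscribed, you are now."


def normalize_email(address):
    """Canonical dedup key: lower-case, and drop a +tag from the local part.

    user+news@gmail.com and USER@gmail.com both map to user@gmail.com, so a
    flood of plus-tagged variants counts as one subscriber (design choice:
    applied to every domain, since merging too much is safer than too little).
    Returns None for anything that does not look like an address.
    """
    address = address.strip().lower()
    if not EMAIL_RE.match(address):
        return None
    local, domain = address.rsplit("@", 1)
    local = local.split("+", 1)[0]
    return f"{local}@{domain}"


class SubscribeHandler:
    """Constructed stand-in for a newsletter signup endpoint."""

    def __init__(self, max_per_minute=5, now=time.time):
        self.subscribed = set()          # normalized keys already on the list
        self.sent = []                   # addresses we actually mailed (fake outbound mailer)
        self.max_per_minute = max_per_minute
        self.now = now                   # injectable clock so the window is testable
        self.requests = defaultdict(deque)

    def _rate_limited(self, client_ip):
        """Sliding 60-second window per client, as comment 10 suggests."""
        t = self.now()
        window = self.requests[client_ip]
        while window and t - window[0] >= 60:
            window.popleft()
        if len(window) >= self.max_per_minute:
            return True
        window.append(t)
        return False

    def subscribe(self, client_ip, address):
        if self._rate_limited(client_ip):
            return {"status": 429, "message": "Too many requests; try again later."}
        key = normalize_email(address)
        if key is None:
            return {"status": 400, "message": "Invalid email address."}
        if key not in self.subscribed:
            # Only the first request for a given mailbox triggers a confirmation mail.
            self.subscribed.add(key)
            self.sent.append(address.strip())
        return {"status": 200, "message": CONSTANT_REPLY}


def demo():
    """Drive the handler with constructed traffic and return what actually got mailed."""
    clock = [1000.0]
    handler = SubscribeHandler(max_per_minute=3, now=lambda: clock[0])
    results = [
        handler.subscribe("10.0.0.1", "bob@example.org"),       # new -> mailed
        handler.subscribe("10.0.0.1", "bob+2@example.org"),     # same mailbox -> not mailed
        handler.subscribe("10.0.0.1", "carol@example.org"),     # new -> mailed
        handler.subscribe("10.0.0.1", "dave@example.org"),      # 4th in a minute -> 429
    ]
    clock[0] += 61                                               # window slides past
    results.append(handler.subscribe("10.0.0.1", "dave@example.org"))  # now mailed
    return handler.sent, [r["status"] for r in results], [r["message"] for r in results[:3]]


if __name__ == "__main__":
    sent, statuses, messages = demo()
    print("mailed:", sent)
    print("statuses:", statuses)
```

Note that the "already subscribed" and "newly subscribed" branches return byte-identical responses, so a caller learns nothing about list membership; the only observable difference is in outbound mail, which the flooder never sees.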