[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Lots of (easily recognisible) spam sent to the BTS today

On Mon October 30 2006 16:46, Javier Fernández-Sanguino Peña wrote:
> However, confirming each spam I have
> in my mailbox vs. the web interface is time consuming and slightly
> frustating when you find that the spam had no opportunity to get in
> (the bug was archived) or it was already removed (bad).

How time consuming it is depends on the UI. I checked out and reported 
70+ spam messages sent to packages (via nnn@bugs.debian.org) handled by 
team@dpkg.org a couple days ago (two batches) fairly quickly by using 
KDE's "run command" applet (averaging 8 keystrokes, 2 mouse movements, 
and two clicks, per message.)

> PS: If abuse of that (e-mail) interface was of concern it could be
> implemented so as to only consider GPG/PGP signed mail from DDs (I
> don't see that the web interface takes any precaution against being
> abused, from what I can tell, but a e-mail gateway is slightly more
> easier to abuse)

I have also been doing some bug cleaning in dselect recently (30+ bugs 
closed or recalssified, only one which I ended up reopening), something 
which would not be possible without pestering DD's if signed messages 
were required.

I have yet to see a spam message sent to the BTS which used a "Package:" 
pseudoheader, so that should work to eliminate BTS spam without 
preventing non-DD's helping out.

- Bruce

Reply to: