Re: Who gets an email when with bugreports [was: Re: Unauthorised activity surrounding tbb package]
On 2015-01-22 12:41:05 +1000, Russell Stuart wrote:
> On Wed, 2015-01-21 at 21:10 -0500, Michael Gilbert wrote:
> > So anyway, nnnnnn-subscribe can be used to spam confirmation messages
> > currently, and general mail to the bts from an unknown address will
> > end up doing the same, but it's basically a non-issue because it's a
> > rather uninteresting thing to do for anyone that might consider
> > wanting to do it.
> I don't know how interesting it would be on an absolute scale, it
> certainly would be "more interesting than it is now" if we remove the
> authentication we have.
> The reason is all that happens now is you get one unwanted email and
> that is the end of it.
A spammer can send several nnnnnn-subscribe messages.
Vincent Lefèvre <firstname.lastname@example.org> - Web: <https://www.vinc17.net/>
100% accessible validated (X)HTML - Blog: <https://www.vinc17.net/blog/>
Work: CR INRIA - computer arithmetic / AriC project (LIP, ENS-Lyon)