<div><br><div class="gmail_quote"><div dir="auto">On Fri, 22 Sep 2017 at 18:54, Ravishankar N <<a href="mailto:ravishankar@redhat.com">ravishankar@redhat.com</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div text="#000000" bgcolor="#FFFFFF">
Hello,<br>
Are our servers still facing the overload issue? My replies to
gluster-users ML are not getting delivered to the list.</div></blockquote><div dir="auto"><br></div><div dir="auto">Same here. Even this is true for gluster-devel as well. </div><div dir="auto"><br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div text="#000000" bgcolor="#FFFFFF"><br>
Regards,<br>
Ravi</div><div text="#000000" bgcolor="#FFFFFF"><br>
<br>
<div class="m_-7011003590865531800moz-cite-prefix">On 09/19/2017 10:03 PM, Michael Scherer
wrote:<br>
</div>
</div><div text="#000000" bgcolor="#FFFFFF"><blockquote type="cite">
<pre>Le samedi 16 septembre 2017 à 20:48 +0530, Nigel Babu a écrit :
</pre>
<blockquote type="cite">
<pre>Hello folks,
We have discovered that for the last few weeks our mailman server was
used
for a spam attack. The attacker would make use of the + feature
offered by
gmail and hotmail. If you send an email to <a class="m_-7011003590865531800moz-txt-link-abbreviated" href="mailto:example@hotmail.com" target="_blank">example@hotmail.com</a>,
<a class="m_-7011003590865531800moz-txt-link-abbreviated" href="mailto:example+foo@hotmail.com" target="_blank">example+foo@hotmail.com</a>, <a class="m_-7011003590865531800moz-txt-link-abbreviated" href="mailto:example+bar@hotmail.com" target="_blank">example+bar@hotmail.com</a>, it goes to the same
inbox. We were constantly hit with requests to subscribe to a few
inboxes.
These requests overloaded our mail server so much that it gave up. We
detected this failure because a postmortem email to
<a class="m_-7011003590865531800moz-txt-link-abbreviated" href="mailto:gluster-infra@gluster.org" target="_blank">gluster-infra@gluster.org</a> bounced. Any emails sent to our mailman
server
may have been on hold for the last 24 hours or so. They should be
processed
now as your email provider re-attempts.
For the moment, we've banned subscribing with an email address with a
+ in
the name. If you are already subscribed to the lists with a + in your
email
address, you will continue to be able to use the lists.
We're looking at banning the spam IP addresses from being able to hit
the
web interface at all. When we have a working alternative, we will
look at
removing the current ban of using + in address.
</pre>
</blockquote>
<pre>So we have a alternative in place, I pushed a blacklist using
mod_security and a few DNS blacklist:
<a class="m_-7011003590865531800moz-txt-link-freetext" href="https://github.com/gluster/gluster.org_ansible_configuration/commit/2f4" target="_blank">https://github.com/gluster/gluster.org_ansible_configuration/commit/2f4</a>
c1b8feeae16e1d0b7d6073822a6786ed21dde
</pre>
<blockquote type="cite">
<pre>Apologies for the outage and a big shout out to Michael for taking
time out
of his weekend to debug and fix the issue.
</pre>
</blockquote>
<pre>Well, you can thanks the airport in Prague for being less interesting
than a spammer attacking us.
</pre>
<br>
<fieldset class="m_-7011003590865531800mimeAttachmentHeader"></fieldset>
<br>
</blockquote></div><div text="#000000" bgcolor="#FFFFFF"><blockquote type="cite"><pre>_______________________________________________
Gluster-users mailing list
<a class="m_-7011003590865531800moz-txt-link-abbreviated" href="mailto:Gluster-users@gluster.org" target="_blank">Gluster-users@gluster.org</a>
<a class="m_-7011003590865531800moz-txt-link-freetext" href="http://lists.gluster.org/mailman/listinfo/gluster-users" target="_blank">http://lists.gluster.org/mailman/listinfo/gluster-users</a></pre>
</blockquote>
<br>
</div>
_______________________________________________<br>
Gluster-users mailing list<br>
<a href="mailto:Gluster-users@gluster.org" target="_blank">Gluster-users@gluster.org</a><br>
<a href="http://lists.gluster.org/mailman/listinfo/gluster-users" rel="noreferrer" target="_blank">http://lists.gluster.org/mailman/listinfo/gluster-users</a></blockquote></div></div><div dir="ltr">-- <br></div><div class="gmail_signature" data-smartmail="gmail_signature">- Atin (atinm)</div>