[Gluster-devel] lists.gluster.org issues this weekend

Nigel Babu nigelb at redhat.com
Sat Sep 16 15:18:54 UTC 2017


Hello folks,

We have discovered that for the last few weeks our mailman server was used
for a spam attack. The attacker would make use of the + feature offered by
Gmail and Hotmail. If you send an email to example at hotmail.com,
example+foo at hotmail.com, example+bar at hotmail.com, it goes to the same
inbox. We were constantly hit with requests to subscribe to a few inboxes.
These requests overloaded our mail server so much that it gave up. We
detected this failure because a postmortem email to
gluster-infra at gluster.org bounced. Any emails sent to our mailman server
may have been on hold for the last 24 hours or so. They should be processed
now as your email provider re-attempts.

For the moment, we've banned subscribing with an email address with a + in
the name. If you are already subscribed to the lists with a + in your email
address, you will continue to be able to use the lists.

We're looking at banning the spam IP addresses from being able to hit the
web interface at all. When we have a working alternative, we will look at
removing the current ban on using + in addresses.

Apologies for the outage and a big shout out to Michael for taking time out
of his weekend to debug and fix the issue.

-- 
nigelb
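
Added example, not part of the original message and not the Gluster infrastructure team's code: one way to spot the pattern described above is to collapse plus-tagged addresses to the inbox they deliver to and flag inboxes that receive subscription requests under many variants. The request records, the threshold and the function names are assumptions made for illustration.

```python
from collections import defaultdict

# Constructed sample of subscription requests: (source IP, requested address).
# IPs are from documentation ranges; nothing here comes from the incident.
SAMPLE_REQUESTS = [
    ("192.0.2.10", "example+foo@hotmail.com"),
    ("192.0.2.10", "example+bar@hotmail.com"),
    ("192.0.2.11", "Example+baz@hotmail.com"),
    ("192.0.2.11", "example@hotmail.com"),
    ("198.51.100.7", "dev+gluster@example.org"),
    ("198.51.100.8", "alice@example.org"),
]


def canonical_inbox(address):
    """Collapse a plus-tagged address to the inbox it is delivered to."""
    local, sep, domain = address.strip().rpartition("@")
    if not sep or not local or not domain:
        raise ValueError(f"not an email address: {address!r}")
    # Everything after the first '+' is a tag; keep the local part as-is
    # if stripping the tag would leave nothing (e.g. "+foo@host").
    base = local.split("+", 1)[0] or local
    # Assumption: the provider treats the local part case-insensitively.
    return f"{base.lower()}@{domain.lower()}"


def flag_flooded_inboxes(requests, threshold=3):
    """Return inboxes requested under at least `threshold` distinct variants."""
    variants = defaultdict(set)
    sources = defaultdict(set)
    for ip, address in requests:
        try:
            inbox = canonical_inbox(address)
        except ValueError:
            continue  # malformed input is skipped, not counted
        variants[inbox].add(address.strip().lower())
        sources[inbox].add(ip)
    return {
        inbox: {"variants": sorted(seen), "sources": sorted(sources[inbox])}
        for inbox, seen in variants.items()
        if len(seen) >= threshold
    }


if __name__ == "__main__":
    for inbox, detail in flag_flooded_inboxes(SAMPLE_REQUESTS).items():
        print(inbox, len(detail["variants"]), "variants from", detail["sources"])
```

Counting per canonical inbox leaves a single plus-tagged subscriber such as dev+gluster unflagged while still catching the repeated variants aimed at one mailbox.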