[Gluster-infra] lists.gluster.org issues this weekend
mscherer at redhat.com
Tue Sep 19 16:33:35 UTC 2017
Le samedi 16 septembre 2017 à 20:48 +0530, Nigel Babu a écrit :
> Hello folks,
> We have discovered that for the last few weeks our mailman server was
> for a spam attack. The attacker would make use of the + feature
> offered by
> gmail and hotmail. If you send an email to example at hotmail.com,
> example+foo at hotmail.com, example+bar at hotmail.com, it goes to the same
> inbox. We were constantly hit with requests to subscribe to a few
> These requests overloaded our mail server so much that it gave up. We
> detected this failure because a postmortem email to
> gluster-infra at gluster.org bounced. Any emails sent to our mailman
> may have been on hold for the last 24 hours or so. They should be
> now as your email provider re-attempts.
> For the moment, we've banned subscribing with an email address with a
> + in
> the name. If you are already subscribed to the lists with a + in your
> address, you will continue to be able to use the lists.
> We're looking at banning the spam IP addresses from being able to hit
> web interface at all. When we have a working alternative, we will
> look at
> removing the current ban of using + in address.
So we have a alternative in place, I pushed a blacklist using
mod_security and a few DNS blacklist:
> Apologies for the outage and a big shout out to Michael for taking
> time out
> of his weekend to debug and fix the issue.
Well, you can thanks the airport in Prague for being less interesting
than a spammer attacking us.
Sysadmin, Community Infrastructure and Platform, OSAS
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 836 bytes
Desc: This is a digitally signed message part
More information about the Gluster-infra