[Gluster-infra] [Gluster-users] lists.gluster.org issues this weekend
ravishankar at redhat.com
Fri Sep 22 01:40:55 UTC 2017
Are our servers still facing the overload issue? My replies to
gluster-users ML are not getting delivered to the list.
On 09/19/2017 10:03 PM, Michael Scherer wrote:
> Le samedi 16 septembre 2017 à 20:48 +0530, Nigel Babu a écrit :
>> Hello folks,
>> We have discovered that for the last few weeks our mailman server was
>> for a spam attack. The attacker would make use of the + feature
>> offered by
>> gmail and hotmail. If you send an email to example at hotmail.com,
>> example+foo at hotmail.com, example+bar at hotmail.com, it goes to the same
>> inbox. We were constantly hit with requests to subscribe to a few
>> These requests overloaded our mail server so much that it gave up. We
>> detected this failure because a postmortem email to
>> gluster-infra at gluster.org bounced. Any emails sent to our mailman
>> may have been on hold for the last 24 hours or so. They should be
>> now as your email provider re-attempts.
>> For the moment, we've banned subscribing with an email address with a
>> + in
>> the name. If you are already subscribed to the lists with a + in your
>> address, you will continue to be able to use the lists.
>> We're looking at banning the spam IP addresses from being able to hit
>> web interface at all. When we have a working alternative, we will
>> look at
>> removing the current ban of using + in address.
> So we have a alternative in place, I pushed a blacklist using
> mod_security and a few DNS blacklist:
>> Apologies for the outage and a big shout out to Michael for taking
>> time out
>> of his weekend to debug and fix the issue.
> Well, you can thanks the airport in Prague for being less interesting
> than a spammer attacking us.
> Gluster-users mailing list
> Gluster-users at gluster.org
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Gluster-infra