Debian Developers - Re: Lots of (easily recognisible) spam sent to the BTS today

This is Interesting: Free IT Magazines  
Home > Archive > Debian Developers > November 2006 > Re: Lots of (easily recognisible) spam sent to the BTS today





You are viewing an archived Text-only version of the thread. To view this thread in it's original format and/or if you want to reply to this thread please [click here]

Author Re: Lots of (easily recognisible) spam sent to the BTS today
Javier Fernández-Sanguino Peña

2006-11-02, 1:25 am

On Tue, Oct 31, 2006 at 11:51:16PM -0700, Bruce Sass wrote:
>
> Ya. I generally don't like anti-spam techniques because they require
> either the sender or recipient to jump through hoops, or are prone to
> false positives... but limiting interaction with the BTS to
> pre-verified users (as requiring signed messages by DD's would do) is
> an even smaller (as in harder to jump through) hoop than requiring a
> specific, easily reproduced with any MUA, format for messages sent to
> the BTS.

When I have suggested that (sending signed messages to the BTS to be
accepted for processing) it was

a) for mails to -close or to control@b.d.o to prevent a spammer/malicious
person from closing all the bugs or mangling with the BTS in such a way
that would take us some effort to recover

b) restricted to providing a signed mail, not necessarily with a signature in
the DD keyring. (this could be added later on to prevent abuse, if needed
be and could still have a 'whitelist' of valid keys which could include
non-DDs)

If there's a non-DD playing with the BTS (closing bugs or using control@) I
guess it's not really too much to ask for them to use signed e-mails when
fiddling with it. Is it?

Regards

Javier


Sponsored Links






Free braindumps | Software forum | Database administration forum

Copyright 2003 - 2008 webservertalk.com