Relnotes content feed spam

Karsten Wade kwade at redhat.com
Sat Dec 15 04:45:41 UTC 2007 

On Fri, 2007-12-14 at 14:09 -0600, Mike McGrath wrote:
> Paul W. Frields wrote:
> > On Fri, 2007-12-14 at 11:08 -0600, Mike McGrath wrote:
> >   
> >> Paul W. Frields wrote:
> >>     
> >>> Is there any way to cut down or stop spam to our relnotes content list
> >>> feed?  Is it because we don't require membership so that we can feed
> >>> content from non-human sources?
> >>>   
> >>>       
> >> Aside from requiring membership there might be some spam headers built 
> >> in from Red Hat's scanner to deny some mail if it goes through the 
> >> normal list.  Is it going to an @redhat.com or an @fedoraproject.org 
> >> address?
> >>
> >> Example headers:
> >>
> >> X-RedHat-NoId: 209.197.145.189 sent message with No ID
> >> X-RedHat-Spam-Warning: 9.7 (*********) ADVANCE_FEE_1,ADVANCE_FEE_2,ADVANCE_FEE_3,ADVANCE_FEE_4,MSGID_FROM_MTA_HEADER,MSGID_FROM_MTA_ID,NA_DOLLARS,NO_REAL_NAME,RAZOR2_CHECK,SARE_SUB_NEED_REPLY,UNDISC_RECIPS
> >> X-RedHat-Spam-Score: 9.7 *********
> >>     
> >
> > The address for the content is fedora-relnotes-content (at) rh d0t com.
> > The mail we're getting in is being stripped of its HTML attachments, so
> > whatever AV solution is there, seems to be working fine.  It would be
> > nice to simply have these vanish before they get passed to the list, but
> > honestly I'm not much of a mail mechanic.  If this is worth a ticket for
> > someone to investigate, I'll be happy to fill one out, but I don't want
> > to create a difficult job for someone when my Del key suffices.
> >   
> 
> My mailman foo is a little weak but I think the admin of that list can 
> make rules to reject mail with the above headers listed in the message.  
> I can assist with this if you guys are interested, I'll just need the 
> list password.

I haven't seen any of the SA headers in what goes through relnotes (at)
fedoraproject.org, which feeds to fedora-relnotes-content (at) rh.c.  It
also seems to have HTML in the email, but maybe that's not an
attachment?

The open nature of the address is to:

i. accept incoming email from unknown contributors
ii. accept email from bugzilla

- Karsten
-- 
Karsten Wade, Developer Community Mgr.
Dev Fu : http://developer.redhatmagazine.com
Fedora : http://quaid.fedorapeople.org
gpg key : AD0E0C41
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
URL: <http://listman.redhat.com/archives/fedora-docs-list/attachments/20071214/eb09246a/attachment.sig>

More information about the fedora-docs-list mailing list