Launchpad itself

Bug spam from non-malicious user's account

Bug #873192 reported by Jeroen T. Vermeulen
8
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Launchpad itself
Invalid
Critical
Unassigned

Bug Description

Bug 847649 has interesting spam: the user appears benign, but a genuine bug report and comments are followed up by spam entries from the same account.

Revision history for this message
Martin Pool (mbp) wrote : Re: [Bug 873192] [NEW] Bug spam from non-malicious user's account

I don't know if this is a bug in lp as such. We do see people lose
the security of their account sometimes.

I suspect the user got a virus or other machine compromise that ended
up replying to all mail in their inbox with spam messages.

Revision history for this message
Jeroen T. Vermeulen (jtv) wrote :

Martin: I filed this bug as per our spam-monitoring procedure. See our maintenance guide. Whatever the case, it does need to be looked into and incorporated into our institutional knowledge about spam attacks.

Revision history for this message
Curtis Hovey (sinzui) wrote :

What spam-monitoring? The one written several years ago? This is not a bug in our code. Unless this bug is about detecting impersonations, thus bug can be closed.

Revision history for this message
Martin Pool (mbp) wrote : Re: [Bug 873192] Re: Bug spam from non-malicious user's account

On 14 October 2011 01:08, Curtis Hovey <email address hidden> wrote:
> What spam-monitoring? The one written several years ago? This is not a
> bug in our code. Unless this bug is about detecting impersonations, thus
> bug can be closed.

If, as I suspect, they lost control of their mail client, detecting
impersonation is going to be hard.

I had a brief look through the logs for whether these messages came
through mail, but I can't see a record either way. It's probably
there somewhere.

To prevent things like this we could screen new urls for spamminess,
but that doesn't seem like a critical problem.

Revision history for this message
Jeroen T. Vermeulen (jtv) wrote :

By spam monitoring I mean the human eye on attack patterns, as documented on the spam-watching page from our maintenance-rotation docs.

Revision history for this message
Jeroen T. Vermeulen (jtv) wrote :

I had a look at the database, and found a non-null Message.raw. According to our schema comments, that suggests that it came in by email.

I don't recall whether the policy to file a Critical bug for spam also extends to emailed comments, but evidently we have a need to figure out whether a comment came in through email or through the web UI.

Revision history for this message
Curtis Hovey (sinzui) wrote :

Most comment spam comes from email. The sender is either an impersonator or has stolen the user credentials.

Changed in launchpad:
status: Triaged → Invalid
Revision history for this message
Martin Pool (mbp) wrote :

On 15 October 2011 00:25, Jeroen T. Vermeulen <email address hidden> wrote:
> I had a look at the database, and found a non-null Message.raw.
> According to our schema comments, that suggests that it came in by
> email.

perhaps for admins lp could identify mail messages in the ui in some
subtle way, like showing an envelope whose tooltip gives some data
about the message.

> I don't recall whether the policy to file a Critical bug for spam also
> extends to emailed comments, but evidently we have a need to figure out
> whether a comment came in through email or through the web UI.

I updated the policy to say you should file a bug if there is not one
already. Filing one per time spam is noticed, which is what it
literally said before, is obvious nonsense.

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Related questions

Remote bug watches

Bug watches keep track of this bug in other bug trackers.