Launchpad itself

[spam report] in review comments by compromised user thekorn

Asked by Stephen Boddy on 2018-04-21

User: https://launchpad.net/~thekorn

Review: https://code.launchpad.net/~dirkjan-mollema/terminator/terminator/+merge/293366
And: https://code.launchpad.net/~jordy-provost/terminator/trunk/+merge/294927

One or more of this guys email accounts is compromised. I received loads of direct spam from him a while ago, but he never responded when I e-mailed him about it.

I've tried multiple times to get this junk cleared up, including resurrecting the last question a couple of times.

https://answers.launchpad.net/launchpad/+question/653423
https://answers.launchpad.net/launchpad/+question/661040
https://answers.launchpad.net/launchpad/+question/661539
https://answers.launchpad.net/launchpad/+question/662275

Every time the question expires with no action. How many times should I ask? If you can't keep up, then give project maintainers the ability to at least flag and hide spam (i.e. implement the now 12 year old https://bugs.launchpad.net/launchpad/+bug/45419). I like launchpad, but this kind of thing is eventually going to cause people to look elsewhere. Or should we just accept that Launchpad is a dead end with no future enhancements, in which case Canonical should at least have the honestly to mark it as such so everyone can move on.

Question information

Language:
English Edit question
Status:
Answered
For:
Launchpad itself Edit question
Assignee:
Colin Watson Edit question
Last query:
2018-04-21
Last reply:
2018-06-07
Colin Watson (cjwatson) said : #1

I'm sorry that we haven't communicated well on this one.

The core problem here is not really with reporting mechanisms; it's that we don't currently have a good way to deal with this particular type of spam (which is comparatively rare in Launchpad), short of manual database surgery which we try very hard to avoid. I've been spending some of my spare time working on this over the last week or so, and have been making good progress, of which this is the first part (I'm not expecting you to review it, just citing it for transparency):

  https://code.launchpad.net/~cjwatson/launchpad/email-force-strong-auth/+merge/343790

The second part of this will be a fix for bug 1680746. I have this working in a local instance, and am just sorting out tests and generally polishing it up before submitting it for code review.

Once these two chunks of work have landed, we'll be able to remove this spam easily, and in general we'll be able to respond to this particular type of spam more quickly in future.

Colin Watson (cjwatson) said : #2

We now have the technical capability to deal with this category of spam, so I've hidden the spam in question and configured this user's account so that we won't accept unsigned email from them. That should deal with this ticket. Sorry again for it taking so long.

Can you help with this problem?

Provide an answer of your own, or ask Stephen Boddy for more information if necessary.

To post a message you must log in.