Damn Spam!
Search 

Topics

User Functions






    Lost your password?

Surrender

    
Sunday, November 06 2005 @ 20:46 CET
Contributed by: Dirk

I hate having to surrender to spammers, but in this case I just couldn't get a handle on it:

Some idiot is spamming our project's bug tracker. Why, I don't know, since GForge (the software we're running) doesn't display any links. That hasn't stopped our Bulgarian friends and didn't stop this spammer either. Here are some samples of the "bug reports" he submitted:

texas holdem, poker, gambling, casino
Mercredi
Air Compressors Caulking Guns Chisels Collated Nails Collated Staples Combo Packs Drills Impact Wrenches Nailers Power Sprayers Ratchet Wrenches Saws
Borgo
casino
Ilya
Apparel Calls Lures Gun Cases Hiking Boots Shoes Hunting Shooting Accessories Hunting Dog Equipment Sunglasses Other Hunting Equipment
Silko

Completely useless as you can see - they don't even contain a domain name. Unfortunately, a part of the webserver's logfile covering the most active period of that spammer was lost. The first three of the above examples were submitted like this: 

70.86.12.194 - - [06/Nov/2005:10:36:09 -0600] "POST /tracker/index.php?group_id=6&atid=108 HTTP/1.1" 200 33383 "http://project.geeklog.net/tracker/?func=add&group_id=6&atid=108" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)"
216.12.208.215 - - [01/Nov/2005:08:28:59 -0600] "POST /tracker/index.php?group_id=6&atid=108 HTTP/1.1" 200 33383 "http://project.geeklog.net/tracker/?func=add&group_id=6&atid=108" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)"
67.15.188.23 - - [30/Oct/2005:07:00:07 -0600] "POST /tracker/index.php?group_id=6&atid=105 HTTP/1.1" 200 28970 "http://project.geeklog.net/tracker/?func=add&group_id=6&atid=105" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)"

That's all. Just those 3 POST requests, coming out of nowhere. 70.86.12.194 is The Planet, the other two are Everyones Internet, Inc. Both hosters aren't exactly know for their anti-spam attitude, to put it mildly ...

So, since there's no pattern here we could put in a .htaccess and since GForge doesn't offer spam protection, I had to take the only other available option, which is to disallow anonymous bug reports. Thanks for nothing, whoever you are.

Filed under: Comment Spam
()

View Printable Version

Trackback

Trackback URL for this entry: http://spam.tinyweb.net/trackback.php/surrender

No trackback comments for this entry.
Surrender | 1 comments | Create New Account
The following comments are owned by whomever posted them. This site is not responsible for what they say.
... and a bug in GForge

As it turns out, there is a bug in GForge (at least the version we're running) that lets you post comments on Patches without being logged in even when GForge has been configured to reject anonymous submissions. And guess who exploits this bug?

Authored by: Dirk on Sunday, November 13 2005 @ 20:58 CET
[ Reply to This | # ]

Copyright © 2008 Damn Spam! Powered By Geeklog