Re: Spam origin investigation

2019-11-10 Thread nipponmail
I must concur: for those of us who like to see what RMS is saying, and 
on one of the two mailing lists he regularly participates in, these 
mails improperly attributed are a bother.


As an aside: I remember seeing information on GrSecurity's prices: and 
they were very similar in tone to this joke: but it was no joke. And it 
was much more expensive.


https://grsecurity.net/purchase   <--- this is real.
And they have successfully prevented redistribution.



Year subscription
Stable patch series
Flexible pricing tailored to your organization's needs
Detailed writeups on silently-fixed Linux kernel vulnerabilities
Policy and configuration auditing
Direct access to grsecurity developers
Integration assistance


I remember it being 10k, and there were seat restrictions etc, and NO 
redistribution OR ELSE.



On 2019-11-11 01:41, Alexandre François Garreau wrote:
> On Sunday 10 November 2019, 19:36:48 CET, Richard Stallman wrote:
> > I'm not RMS, nor GNU staff.
>
> Would you please use your own mail address, so we can properly answer to you
> without bothering rms, or at least a distinct name along with some fake
> nonexistent mail address, so we can properly quote you and distinguish you
> without confusion?




Re: Spam origin investigation

2019-11-10 Thread Alexandre François Garreau
On Sunday 10 November 2019, 19:36:48 CET, Richard Stallman wrote:
> I'm not RMS, nor GNU staff.

Would you please use your own mail address, so we can properly answer to you 
without bothering rms, or at least a distinct name along with some fake 
nonexistent mail address, so we can properly quote you and distinguish you 
without confusion?



Re: Spam origin investigation

2019-11-10 Thread Richard Stallman
> Source?

At least ArchWiki.

Arch Linux Wiki is sometimes attacked by GLAT scammers and they insert this 
date as a deadline to install GLAT Client and purchase a license.
Some articles might be found in the Internet Archive.

Some examples:
- https://web.archive.org/web/20190819155420/https://wiki.archlinux.org/index.php/2020_licensing_changes
- https://web.archive.org/web/20190819143515/https://wiki.archlinux.org/index.php/Activation



Re: Spam origin investigation

2019-11-10 Thread Dmitry Alexandrov
Anonymous wrote:
> Later investigation showed that http://demo.simplacommerce.com/ is another 
> Simpla CMS demo with the same vulnerability.

No, itʼs the same machine.

In any case, if youʼd like to make a list of gratis services for sending mail 
that do not put many restrictions on its content, youʼd better choose another 
m/l, I believe.




Re: Spam origin investigation

2019-11-10 Thread Dmitry Alexandrov
Anonymous wrote:
> I have done some investigation and found that spam originated from 
> http://demo.simplacms.ru/ website which runs Simpla. This CMS is unmaintained 
> for a long time and has a vulnerability which allows GLAT scammers to send emails 
> anonymously by uploading PHP scripts.
>
> This issue was already reported before but nobody fixed it.

I do not see any issue, actually.  If the CMS in question provides an interface 
for sending mail, then a full-featured demo should provide it as well.

> Administrator panel for this site should be permanently closed if Simpla is 
> dead.

Suggest it to administrators of the site.  But I believe, they do not regard 
their software dead.

When a program is not updated for a couple of years, it does not necessarily mean 
that it is dead.  Sometimes a program is _ready_ and does not need any more 
updates.

> A serious spam attack on many websites is expected on 2020-01-01 or before.

Source?




Spam origin investigation

2019-11-10 Thread Richard Stallman
Same source, not RMS.

Later investigation showed that http://demo.simplacommerce.com/ is another 
Simpla CMS demo with the same vulnerability.



Spam origin investigation

2019-11-10 Thread Richard Stallman
I'm not RMS, nor GNU staff.

I have done some investigation and found that spam originated from 
http://demo.simplacms.ru/ website which runs Simpla. This CMS is unmaintained 
for a long time and has a vulnerability which allows GLAT scammers to send emails 
anonymously by uploading PHP scripts.

This issue was already reported before but nobody fixed it.

Administrator panel for this site should be permanently closed if Simpla is 
dead.

There is also a fake FSFE GLAT Key Server website http://glatks.eu5.org/ which 
could be used for spam later.

A serious spam attack on many websites is expected on 2020-01-01 or before.