Resilience of ‘debbugs’ against spam (was: "Dear Customer" spam in the BTS)

2016-10-26 Thread Ben Finney 
Don Armstrong  writes:

> Any developer who is interested in volunteering and/or helping can
> e-mail ow...@bugs.debian.org, and I promise to try to train people and
> get them set up.

Shall do.

> [And/or write additional tools to make things easier.]

To what extent does ‘debbugs’, the instrallable package, have tools for
dealing with spam?

How much is even feasible to include in the package for the benefit of
other ‘debbugs’ installations?

-- 
 \“A thing is not necessarily true because a man dies for it.” |
  `\—Oscar Wilde, _The Portrait of Mr. W. H._, 1889-07 |
_o__)  |
Ben Finney

Re: "Dear Customer" spam in the BTS

2016-10-26 Thread Hans 
Hi Don,
> 
> We do spamassassin with a huge set of rules. I don't think we're
> currently using clamav in the BTS, but we are using it for Debian
> mailing lists.
> 
> [I'd certainly accept a patch to enable clamav; I personally haven't had
> time to readdress using it.]

if you are interested, I can send you the required master.cf and main.cf with 
my changes for spamassassin and clamav.  I secured all the files, when I left 
the job.

However, you will have to edit it a little bit, as I will of course remove the 
loacal IPs and things, which point to the server (I do not want to get in 
trouble). However, I believe, this server is no more online at all - but 
security before comfort!

What do you think?

Best

Hans

Re: "Dear Customer" spam in the BTS

2016-10-26 Thread Raphael Hertzog 
Hi Don,

On Wed, 26 Oct 2016, Don Armstrong wrote:
> On Wed, 26 Oct 2016, Hans wrote:
> > What about spamassassin? Wouldn't spamassassin and its databases not be the 
> > better way? I made good experiences with spamassassin on my mail servers. 
> 
> We do spamassassin with a huge set of rules. I don't think we're
> currently using clamav in the BTS, but we are using it for Debian
> mailing lists.

For the record, it would certainly be very welcome. We have many email
providers that reject (and not silently discard) those messages at SMTP
time (including gmail) and we also have many such emails forwarded from
the BTS to the PTS. The result is that many PTS users have been
unsubscribed because of all the mail that we sent them was bounced for 3
consecutive days (see #841061).

I recently deployed a quick hack to teach the PTS to ignore bounces
that look like bounces generated by spam/virus/executable attachment
but it would be better if the BTS did not forward them at all.

Cheers,
-- 
Raphaël Hertzog ◈ Debian Developer

Support Debian LTS: http://www.freexian.com/services/debian-lts.html
Learn to master Debian: http://debian-handbook.info/get/

Re: "Dear Customer" spam in the BTS

2016-10-26 Thread Don Armstrong 
On Wed, 26 Oct 2016, Hans wrote:
> What about spamassassin? Wouldn't spamassassin and its databases not be the 
> better way? I made good experiences with spamassassin on my mail servers. 

We do spamassassin with a huge set of rules. I don't think we're
currently using clamav in the BTS, but we are using it for Debian
mailing lists.

[I'd certainly accept a patch to enable clamav; I personally haven't had
time to readdress using it.]

-- 
Don Armstrong  https://www.donarmstrong.com

Creativity can be a social contribution, but only in so far
as society is free to use the results. 
 -- Richard M Stallman _GNU Manifesto_

Re: "Dear Customer" spam in the BTS

2016-10-26 Thread Hans 
What about spamassassin? Wouldn't spamassassin and its databases not be the 
better way? I made good experiences with spamassassin on my mail servers. 

My configuration was a little bit weired, I admit. As I was using spamassassin 
and clamav together, it was very effective. Note, that I never used amavis, 
which most people are using this way. In my configuration besides of strict 
postfix rules,  I piped everything first through spamassassin (with bogofilter 
and all the other good stuff), and then what was not rejected by spamassassin 
through clamav - directlly from spamassassin's output into clamav input - no 
amavis.

This worked very well after a good learning phase. 

But I guess, you are doing this already. If so, just aplogize my noise.

Happy hacking!

Hans


> Spam e-mails like these that contain a zip with a windows executable
> can easily be blocked based on file extension using the foxhole rules
> for clamav (http://sanesecurity.com/foxhole-databases/). And clamav
> can probably also be used to automatically clean the bug archive of
> such messages.
> 
> 
> Kind regards,
> 
> Jeroen Dekkers

Re: "Dear Customer" spam in the BTS

2016-10-26 Thread Jeroen Dekkers 
At Wed, 26 Oct 2016 13:43:31 +0200,
Tomas Pospisek wrote:
> I've recently received "Dear Customer" spam on a bug of mine. I've
> searched the BTS [1], and there are many, many, many of these spam
> postings in the BTS, see f.ex. [2].
> 
> I think it doesn't make sense to press "this bug log contains spam" on
> each of those pages. Better would be to go directly to the archive and
> delete such posts directly from there.
> 
> I know I have once tried to do that - I think with a bit of advice from
> Don Armstrong but it never went anywhere.
> 
> Has anyone tried to do such a thing yet (methodically clean the bug
> archive of spam)? Where and how could I start such an effort? How would
> I get read/write access to the BTS archive?

Spam e-mails like these that contain a zip with a windows executable
can easily be blocked based on file extension using the foxhole rules
for clamav (http://sanesecurity.com/foxhole-databases/). And clamav
can probably also be used to automatically clean the bug archive of
such messages.


Kind regards,

Jeroen Dekkers

Re: "Dear Customer" spam in the BTS

2016-10-26 Thread Don Armstrong 
On Wed, 26 Oct 2016, Tomas Pospisek wrote:
> Has anyone tried to do such a thing yet (methodically clean the bug
> archive of spam)? Where and how could I start such an effort? How
> would I get read/write access to the BTS archive?

We're always looking for more vict^Wvolunteers; Blars Blarson has been
tirelessly dealing with the spam issue in the archives for quite some
time, and he's really the expert in this area.

Any developer who is interested in volunteering and/or helping can
e-mail ow...@bugs.debian.org, and I promise to try to train people and
get them set up. [And/or write additional tools to make things easier.]

-- 
Don Armstrong  https://www.donarmstrong.com

unbeingdead isn't beingalive
 -- e.e. cummings "31" _73 Poems_

Re: "Dear Customer" spam in the BTS

2016-10-26 Thread Paul Wise 
On Wed, Oct 26, 2016 at 7:43 PM, Tomas Pospisek wrote:

> Has anyone tried to do such a thing yet (methodically clean the bug
> archive of spam)? Where and how could I start such an effort? How would
> I get read/write access to the BTS archive?

The BTS admins do that regularly, based on people clicking the report
spam links at the bottom of the bug reports. I guess you would need to
become a BTS admin to contribute to that effort.

-- 
bye,
pabs

https://wiki.debian.org/PaulWise

Re: "Dear Customer" spam in the BTS

2016-10-26 Thread Mathieu Malaterre 
On Wed, Oct 26, 2016 at 1:43 PM, Tomas Pospisek  wrote:
> Hello all,
>
> I've recently received "Dear Customer" spam on a bug of mine. I've
> searched the BTS [1], and there are many, many, many of these spam
> postings in the BTS, see f.ex. [2].

Annoying indeed.

https://bugs.debian.org/628285

-M

"Dear Customer" spam in the BTS

2016-10-26 Thread Tomas Pospisek 
Hello all,

I've recently received "Dear Customer" spam on a bug of mine. I've
searched the BTS [1], and there are many, many, many of these spam
postings in the BTS, see f.ex. [2].

I think it doesn't make sense to press "this bug log contains spam" on
each of those pages. Better would be to go directly to the archive and
delete such posts directly from there.

I know I have once tried to do that - I think with a bit of advice from
Don Armstrong but it never went anywhere.

Has anyone tried to do such a thing yet (methodically clean the bug
archive of spam)? Where and how could I start such an effort? How would
I get read/write access to the BTS archive?

?
Thanks,
*t

[1]
https://www.startpage.com/do/metasearch.pl?query=site%3Abugs.debian.org%20%22Dear%20Customer%22
[2] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=754505