Mail Archives: cygwin/2021/08/12/06:37:37

Valerio Messina via Cygwin <cygwin AT cygwin DOT com> · Thu, 12 Aug 2021 12:36:12 +0200

On 8/11/21 1:26 PM, Russell VT via Cygwin wrote:
> Can one of you powerful folks, please, fix the signup approvals and make it
> a bit more difficult to signup and account that is "allowed" to post on
> this list?

as now the subscribe procedure is a simple:
0) open the web page: https://cygwin.com/mailman/listinfo/cygwin/
1) fill form with name, email and pass
2) press the Subscribe button
3) receive a confirmation mail
4) follow the link in the mail
5) press the subscribe button in the new web page
all steps are easily script-able with 'curl'
So in my opinion first thing to do is to add a CAPTCHA [1] in the step 1

I tried to contact the list admin sent from IP: 8.43.85.97
that is <noc AT redhat DOT com> asking for removal of spammers once we received 
every spam, but spamming continue.

I also noted a big increase in spam directed to my email, once I made a 
post to the list. This is probably related to the fact the list archive 
is freely available to web spiders at:
https://cygwin.com/pipermail/cygwin/
with email sender visible as first line once you open an mail.
So second action to do is report the 'name' of sender but not the email 
in those pages, or at least blacken the domain part @domain.tld

[1] https://en.wikipedia.org/wiki/CAPTCHA

thank you,
-- 
Valerio

-- 
Problem reports:      https://cygwin.com/problems.html
FAQ:                  https://cygwin.com/faq/
Documentation:        https://cygwin.com/docs.html
Unsubscribe info:     https://cygwin.com/ml/#unsubscribe-simple

X-Recipient:	archive-cygwin AT delorie DOT com
DKIM-Filter:	OpenDKIM Filter v2.11.0 sourceware.org 895E3383540B
DKIM-Signature:	v=1; a=rsa-sha256; c=relaxed/relaxed; d=cygwin.com;
	s=default; t=1628764655;
	bh=45JScuRDxtaMb0oeCrAsLGA1RQ5ZFfpyRiLdc8hHaLY=;
	h=Subject:To:References:Date:In-Reply-To:List-Id:List-Unsubscribe:
	List-Archive:List-Post:List-Help:List-Subscribe:From:Reply-To:
	From;
	b=et1uHDEd5zr2TWPkhcuw3pshGoxLSPz6xcdsxKYXGk+oWJ4XOpm8azFG6mbfEggSK
	mxACxbFaGuIHkCZ5LO0i6t6X4ljc+pfuyNxPeSI89kH+9dKHvaarg+A9dhhposGlaN
	1PRKZWgFNB49Ce6/gxZf9ePSXIVisLYtKJripmzA=
X-Original-To:	cygwin AT cygwin DOT com
Delivered-To:	cygwin AT cygwin DOT com
DMARC-Filter:	OpenDMARC Filter v1.4.1 sourceware.org DDAF03853C01
x-libjamoibt:	1601
X-CNFS-Analysis:	v=2.4 cv=Q4sXX66a c=1 sm=1 tr=0 ts=6114f99c cx=a_exe
	a=aNpn9EtY6G/liRJj6wy2lA==:117 a=aNpn9EtY6G/liRJj6wy2lA==:17
	a=IkcTkHD0fZMA:10 a=w_pzkKWiAAAA:8 a=20KFwNOVAAAA:8 a=8pif782wAAAA:8
	a=VYIYbrDT0zXCgZko67sA:9 a=QEXdDO2ut3YA:10 a=_QZRCK_2Q7AA:10
	a=sRI3_1zDfAgwuvI8zelB:22
Subject:	Re: META: Fix the signup procedure?
To:	cygwin <cygwin AT cygwin DOT com>
References:	<CANV2+nXG7dm9Lab+wb0=3Efd_rLqQd7YsdqzLXJz6VL1XUgLQQ AT mail DOT gmail DOT com>
Message-ID:	<f6ddede5-4e09-5d77-eabf-bd2060e57de9@iol.it>
Date:	Thu, 12 Aug 2021 12:36:12 +0200
User-Agent:	Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101
	Firefox/60.0 SeaMonkey/2.53.8.1
MIME-Version:	1.0
In-Reply-To:	<CANV2+nXG7dm9Lab+wb0=3Efd_rLqQd7YsdqzLXJz6VL1XUgLQQ@mail.gmail.com>
X-CMAE-Envelope:	MS4xfAy+V0GZHCI9NYN4E5EWdhAaAfyz7SEAllICXYkXCwShsfUjjv3xJOtbxfWGO09EMmDKcf9PGqrDkA2TRcduHcD+e4zNB0YaiS94sUrt36wJrhqhFzeo
	XzltCcSwdz3wgsM+SiRNm1UTJxdYl24/o0LzzcBvveMfWt5Dsx3uNYD5Q7yP9O35Y35i+uCkwHF1XQ==
X-Spam-Status:	No, score=-0.7 required=5.0 tests=BAYES_05, DKIM_SIGNED,
	DKIM_VALID, DKIM_VALID_AU, DKIM_VALID_EF, FREEMAIL_FROM, NICE_REPLY_A,
	RCVD_IN_DNSWL_NONE, SPF_HELO_PASS, SPF_PASS,
	TXREP autolearn=ham autolearn_force=no version=3.4.4
X-Spam-Checker-Version:	SpamAssassin 3.4.4 (2020-01-24) on
	server2.sourceware.org
X-BeenThere:	cygwin AT cygwin DOT com
X-Mailman-Version:	2.1.29
List-Id:	General Cygwin discussions and problem reports <cygwin.cygwin.com>
List-Unsubscribe:	<https://cygwin.com/mailman/options/cygwin>,
	<mailto:cygwin-request AT cygwin DOT com?subject=unsubscribe>
List-Archive:	<https://cygwin.com/pipermail/cygwin/>
List-Post:	<mailto:cygwin AT cygwin DOT com>
List-Help:	<mailto:cygwin-request AT cygwin DOT com?subject=help>
List-Subscribe:	<https://cygwin.com/mailman/listinfo/cygwin>,
	<mailto:cygwin-request AT cygwin DOT com?subject=subscribe>
From:	Valerio Messina via Cygwin <cygwin AT cygwin DOT com>
Reply-To:	Valerio Messina <efa AT iol DOT it>
Errors-To:	cygwin-bounces+archive-cygwin=delorie DOT com AT cygwin DOT com
Sender:	"Cygwin" <cygwin-bounces+archive-cygwin=delorie DOT com AT cygwin DOT com>

webmaster	delorie software privacy
Copyright © 2019 by DJ Delorie	Updated Jul 2019