Re: spammers closing bugs in BTS

To: "gustavo panizzo <gfa>" <gfa@zumbi.com.ar>
Cc: debian-devel@lists.debian.org
Subject: Re: spammers closing bugs in BTS
From: Daniel Pocock <daniel@pocock.pro>
Date: Wed, 17 Aug 2016 18:35:40 +0200
Message-id: <[🔎] 57B4925C.9090308@pocock.pro>
In-reply-to: <[🔎] 20160817162942.GB6165@io>
References: <[🔎] 57B48D6E.3020200@pocock.pro> <[🔎] 20160817162942.GB6165@io>


On 17/08/16 18:29, gustavo panizzo <gfa> wrote:
> On Wed, Aug 17, 2016 at 06:14:38PM +0200, Daniel Pocock wrote:
>> 
>> 
>> I received a notification that a bug was closed.
>> 
>> The email that closed the bug was a spam email sent to the
>> address (bug-number)-done@bugs.debian.org
>> 
>> 
>> https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=737921
> It was send by an PHP script, probably an abused contact form 
> X-PHP-Originating-Script: 10006:post.php(5) : regexp code(1) :
> eval()'d code(17) : eval()'d code
> 
>> 
>> Maybe time to start requiring PGP signatures on control emails to
>> the BTS?
>> 
> what about non-DDs?
> 
> 

It wouldn't need to validate the keys are on the DD keyring, although
it may be useful to insist that they have been signed by a DD.

Reply to:

References:
- spammers closing bugs in BTS
  - From: Daniel Pocock <daniel@pocock.pro>
- Re: spammers closing bugs in BTS
  - From: "gustavo panizzo <gfa>" <gfa@zumbi.com.ar>

Prev by Date: Re: spammers closing bugs in BTS
Next by Date: Re: spammers closing bugs in BTS
Previous by thread: Re: spammers closing bugs in BTS
Next by thread: Re: spammers closing bugs in BTS
Index(es):
- Date
- Thread