Re: [OAUTH-WG] Recent Spam

Glen <glen@amsl.com> Thu, 14 November 2019 21:02 UTC

From: Glen <glen@amsl.com>
Date: Thu, 14 Nov 2019 13:02:32 -0800
Message-ID: <CABL0ig65gn35UctG29-zTAM7gy-_w+-3nSJyfn-idULq7zSGtg@mail.gmail.com>
To: oauth@ietf.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/oauth/u1Mi3Fcnhf4TyjRV3HENk-MQWg0>
Subject: Re: [OAUTH-WG] Recent Spam

All -

On Wed, 13 November 2019 12:41 UTC, Rifaat Shekh-Yusef
<rifaat.ietf@gmail.com> wrote:
> The chairs are aware of the issue, as we receive notifications to
> approve these messages sent by non-members.
> We have been receiving these emails for a few weeks now, and Glen from IETF
> IT is also aware of the issue and he took some measures to try to address
> this.  Glen also contacted the ISP but unfortunately he did not hear back from
> them.

I'm not on this list, but in the process of checking a few spam
complaints we've received, I noticed this message in the archive, and
wanted to clarify further:

The OAUTH list - along with about four other lists - was the victim of
a subscribe attack, in which large numbers of valid, harvested email
addresses were subscribed to the OAUTH list without the knowledge of
the account holders.  Sympatico.ca was one of the targeted domains, as
were AOL and GMAIL.

*sigh*

I have no idea what the attackers tried to gain - get the IETF
blacklisted with ISPs, perhaps?

It was relatively simple to remove the sympatico and AOL addresses,
but we have lots of legitimate users who use GMail, so I was hesitant
to try bulk-removing all of those addresses!

OAUTH - at 1003 members (currently) - is one of the IETF's larger lists,
so there may be other people on here also who didn't ask to be signed
up.

As complaints come in, we're removing people, and as attacks come in
(and there are a TON of attacks against the IETF every day, which is
why I look the way I do) we block them, but it is something of a game
of leapfrog.  We appreciate everyone's patience as we continue to
deal with these ongoing, and bizarre, attacks.

Glen
--
Glen Barney
IT Director
AMS (IETF Secretariat)
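
The cleanup problem described in the message above, as an added example that is not part of the original post and is not IETF or Mailman code: find the subscribe burst, then split the burst addresses into domains with no earlier members (bulk removal) and domains with established members such as Gmail (individual review). The record format, the thresholds and the rule that a domain with no earlier members is safe to bulk-remove are assumptions; the sample data is constructed.

```python
from collections import Counter
from datetime import datetime, timedelta

# Constructed sample data (timestamp, address); not real IETF list records.
EVENTS = [
    ("2019-09-02T10:15:00", "alice@gmail.com"),
    ("2019-09-20T08:30:00", "bob@example.org"),
    ("2019-10-05T17:45:00", "carol@gmail.com"),
    ("2019-10-28T03:00:05", "u1@sympatico.ca"),
    ("2019-10-28T03:00:09", "u2@aol.com"),
    ("2019-10-28T03:00:14", "u3@gmail.com"),
    ("2019-10-28T03:00:20", "u4@sympatico.ca"),
    ("2019-10-28T03:00:26", "u5@gmail.com"),
    ("2019-10-28T03:00:31", "u6@aol.com"),
    ("2019-11-03T12:00:00", "dave@example.org"),
]

def parse(events):
    """Return (datetime, lowercased address) pairs in time order."""
    return sorted((datetime.fromisoformat(ts), addr.lower()) for ts, addr in events)

def find_burst(events, gap=timedelta(seconds=30), min_run=5):
    """Longest run of subscribes, each within `gap` of the previous one, or None."""
    best, run = [], []
    for row in parse(events):
        if run and row[0] - run[-1][0] > gap:
            run = []                      # quiet period: start a new run
        run.append(row)
        if len(run) > len(best):
            best = list(run)
    return best if len(best) >= min_run else None

def triage(events, burst):
    """Split burst addresses by whether their domain had members before the burst."""
    start = burst[0][0]
    baseline = Counter(a.split("@")[1] for t, a in parse(events) if t < start)
    plan = {"bulk_remove": [], "review": []}
    for _, addr in burst:
        # Assumption: a domain with earlier members needs per-address review.
        key = "review" if baseline[addr.split("@")[1]] else "bulk_remove"
        plan[key].append(addr)
    return plan

if __name__ == "__main__":
    print(triage(EVENTS, find_burst(EVENTS)))
```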