Re: [OAUTH-WG] Recent spam
Rifaat Shekh-Yusef <rifaat.ietf@gmail.com> Wed, 13 November 2019 12:41 UTC
Return-Path: <rifaat.ietf@gmail.com>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A920D12087F for <oauth@ietfa.amsl.com>; Wed, 13 Nov 2019 04:41:32 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.997
X-Spam-Level:
X-Spam-Status: No, score=-1.997 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id TmluEssPhdAr for <oauth@ietfa.amsl.com>; Wed, 13 Nov 2019 04:41:30 -0800 (PST)
Received: from mail-io1-xd30.google.com (mail-io1-xd30.google.com [IPv6:2607:f8b0:4864:20::d30]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 1395D120872 for <oauth@ietf.org>; Wed, 13 Nov 2019 04:41:30 -0800 (PST)
Received: by mail-io1-xd30.google.com with SMTP id k1so2351852ioj.6 for <oauth@ietf.org>; Wed, 13 Nov 2019 04:41:30 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=EGM67fb/rL7E2NChjGgVkaYTn3nRDpNeCU77mUMSCUQ=; b=ePrLdsgBPvcSGaQeYeeV3LoCayBdbwQmTDcjYQieBGq1kiRU+F/qG6G7UxGyCaaeaS jCvev08qvvViKMe7oIMa9hiKI6IADT2Wdwjqwnaq6FFdOmXUPnetdKpJUufwXOH1BRwr X/GbhJeIDYehu0i41I+obmYRitqnRWKm1wzCdSbgyg8+zvXqItfL48bbg3tu+JAc+usR WBH+z0KOxo99ESTyCKK6gGf3pI9jnim7ry0/Ym/EnHy+7ALfNVuc1pFcK7hSEUnDYaYX xcVDSyPnj22fB+4z35Xj7JFzeO0ZlTzZbe7dgt58xVERfs5Y8faJ/1VHGCsmApe1XIsd FGcg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=EGM67fb/rL7E2NChjGgVkaYTn3nRDpNeCU77mUMSCUQ=; b=DWnIrm/8IVQXVhe6vx6BrfyytvpwUpSfd8oBrIYkfGQXKl1VpDWtX+siaUM2sKgf+I DIYu/+PEfz4eHsPmINnn9Z7CAFEZY3xhwiywCENR7SdSIrx2YrV3VuFnni/5+UqBJPxj MvLrZjL3V6DbasHkLz/QkXwZAFVTkU9qpLfj+U4tjOOXN27tbVfTtfkWe5z4TW7Gm4yZ FMep1Z2vWmbY3A1VDW3PrWUpwv3AJrWB6Q1JRUX6Xorg7Z3cLUCjDM+5KhKyvLzZlvlU EIHuUXREMWllTkhwqaw7rdIOTgAA+X5zaE8JhChp5xzenBQv4tiJ8W221Xvpwy/nMUOf LJTA==
X-Gm-Message-State: APjAAAX0qfrD9xpI/qvzYFaY+p4pyXwiXFZYkwqNhR2jTXR/IWn/zzuO OjaN+ZwmqUkwoqYyJUZTVSjgMTMVVjqLqlTaUPg=
X-Google-Smtp-Source: APXvYqy+yRRwfQqwRXPvshLguqFH4dtexPE9XeNn1dc/oCQl8GahA2k/KjGJxBRoqFYSeE1dyXRUzFdyS6ftFokwCcg=
X-Received: by 2002:a02:b48:: with SMTP id 69mr2625902jad.25.1573648889326; Wed, 13 Nov 2019 04:41:29 -0800 (PST)
MIME-Version: 1.0
References: <98CFFD2C-AB86-4FCF-A8AD-A825056B5CEB@forgerock.com>
In-Reply-To: <98CFFD2C-AB86-4FCF-A8AD-A825056B5CEB@forgerock.com>
From: Rifaat Shekh-Yusef <rifaat.ietf@gmail.com>
Date: Wed, 13 Nov 2019 07:41:18 -0500
Message-ID: <CAGL6epKp_BTkNCkeu=qVov+wCoSvVc76migXYVXSdxMitze6EA@mail.gmail.com>
To: Neil Madden <neil.madden@forgerock.com>
Cc: oauth <oauth@ietf.org>
Content-Type: multipart/alternative; boundary="0000000000000caf05059739afa3"
Archived-At: <https://mailarchive.ietf.org/arch/msg/oauth/x4OIqvdcivJL5kdYwi0zIrzb5JE>
Subject: Re: [OAUTH-WG] Recent spam
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/oauth/>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 13 Nov 2019 12:41:33 -0000
Thanks Neil, The chairs are aware of the issue, as we receive notifications to approve these messages sent by non-members. We have been receiving these emails for few weeks now, and Glen from IETF IT is also aware of the issue and he took some measures to try to address this. Glen also contacted the ISP but unfortunately he did not hear back from them. Regards, Rifaat On Wed, Nov 13, 2019 at 7:27 AM Neil Madden <neil.madden@forgerock.com> wrote: > It appears that overnight some spam was sent out that spoofed my email > address and appeared to be a reply to a genuine (old) message on this > mailing list. It appears some people are then hitting "Reply All" and so > generating additional messages to the OAuth WG mailing list asking to be > unsubscribed. > > I've checked my own machines and there is no sign of any of them being > compromised to send the emails, and there's no trace of any such email in > my account's Sent folder - it seems to have been a straightforward email > address spoofing. I've asked our IT department to double-check our > DMARC/DKIM/SPF settings just to be sure. > > Based on the responses I've received, the only people who seemed to > received the original spam messages (not the responses) all have "@ > sympatico.ca" addresses, so it might also be the case that this ISP is > not validating incoming emails correctly. I have emailed the ISP to alert > them to this, so hopefully the issue will be corrected soon if so. > > -- Neil > _______________________________________________ > OAuth mailing list > OAuth@ietf.org > https://www.ietf.org/mailman/listinfo/oauth >
- [OAUTH-WG] Recent spam Neil Madden
- Re: [OAUTH-WG] Recent spam Rifaat Shekh-Yusef
- Re: [OAUTH-WG] Recent Spam Glen