headers
quackeroo | 24 Aug 22:24

website abuse

I tried to post this as a ticket, but it said I didn't have 
TICKET_CREATE access.

Someone is apparently using the plone.org user pages to act as 
doorways/forwarding sites to spam sites.

Someone is running a spam management program from this website:
http://as2.bonsilver.com/

Most stuff seems broken, but if you go to "Add task" under the "Spam 
Wizard" menu and then click on "Select" on the Doorway row, a pop-up 
window will present you with the following list of "doorways".  If you 
go to one, it forwards you to a spam site.  I've copied these here 
because the list of doorways can apparently change over time.

        http://plone.org/portal_memberdata/portraits/orko
        http://plone.org/portal_memberdata/portraits/borozda
        http://plone.org/portal_memberdata/portraits/plintus
        http://plone.org/portal_memberdata/portraits/arapnik
        http://plone.org/portal_memberdata/portraits/corow
        http://plone.org/portal_memberdata/portraits/neilon
        http://plone.org/portal_memberdata/portraits/virko
        http://plone.org/portal_memberdata/portraits/lopata
        http://plone.org/portal_memberdata/portraits/jbluh
        http://plone.org/portal_memberdata/portraits/buagaga
        http://plone.org/portal_memberdata/portraits/holmek
        http://plone.org/portal_memberdata/portraits/kruk
        http://plone.org/portal_memberdata/portraits/wouara
        http://plone.org/portal_memberdata/portraits/simpa
        http://plone.org/portal_memberdata/portraits/karol
(Continue reading)

Permalink | Reply |
Permalink | Reply |
headers
Jon Stahl | 25 Aug 02:35
Favicon

Re: website abuse

FWIW, this seems to be happening on some non-plone.org sites in the
wild. 

I'm not sure what if anything can be done about that.

> -----Original Message-----
> From: plone-website-bounces@... 
> [mailto:plone-website-bounces@...] On 
> Behalf Of Wichert Akkerman
> Sent: Thursday, August 24, 2006 1:39 PM
> To: quackeroo
> Cc: plone-website@...
> Subject: Re: [Plone-website] website abuse
> 
> Hi,
> 
> thanks very much for the report. We became aware of this 
> yesterday and added captchas to the user registration to 
> prevent more spam accounts from being created. We will be 
> working on removing the spam accounts over the next week or so.
> 
> Regards,
> Wichert.
> 
> 
> Previously quackeroo wrote:
> > I tried to post this as a ticket, but it said I didn't have 
> > TICKET_CREATE access.
> > 
> > Someone is apparently using the plone.org user pages to act as
(Continue reading)

Permalink | Reply |
headers
Alexander Limi | 25 Aug 11:31
Favicon
Gravatar

Re: website abuse

I have posted a proposed solution to the website and admins list after  
some brainstorming with the plonerati.

Shouldn't be too hard to fix, fortunately - it's an annoying misfeature  
that needs to be fixed (even though it's not a security hole as such, we  
still don't want to help spammers in any way, even if it's just to  
redirect links)

-- Alexander

On Thu, 24 Aug 2006 17:35:33 -0700, Jon Stahl  
<jon <at> onenw.org> wrote:

> FWIW, this seems to be happening on some non-plone.org sites in the
> wild.
>
> I'm not sure what if anything can be done about that.
>
>> -----Original Message-----
>> From:  
>> plone-website-bounces <at> lists.sourceforge.net
>> [mailto:plone-website-bounces <at> lists.sourceforge.net]  
>> On
>> Behalf Of Wichert Akkerman
>> Sent: Thursday, August 24, 2006 1:39 PM
>> To: quackeroo
>> Cc: plone-website <at> lists.sourceforge.net
>> Subject: Re: [Plone-website] website abuse
>>
>> Hi,
(Continue reading)

Permalink | Reply |

Gmane