Bug 63598

Summary: SPAM sent to kdebugs-only email address
Product: [Websites] bugs.kde.org Reporter: kdebugs
Component: generalAssignee: Matt Rogers <mattr>
Status: RESOLVED FIXED    
Severity: normal    
Priority: NOR    
Version First Reported In: unspecified   
Target Milestone: ---   
Platform: Gentoo Packages   
OS: Linux   
Latest Commit: Version Fixed/Implemented In:
Sentry Crash Report:

Description kdebugs 2003-09-02 02:18:51 UTC 
Version:            (using KDE KDE 3.1.3)
Installed from:    Gentoo Packages
OS:          Linux

There are numerous closed/resolved bugs on this issue, but none open, so either there is still a hole somewhere, or the harvesters are getting smarter....

Headers (redacted):

Return-Path: <blodbhwk@whoever.com>
Received: from whoever.com ([213.254.170.80])
	by ******.com (8.11.6/8.11.6) with SMTP id h81Bm5u13108
	for <kdebugs@*******.com>; Mon, 1 Sep 2003 07:48:05 -0400
Message-ID: <7e2101c3707b$63bb8d70$51a86db1@oa>
Reply-To: blodbhwk@whoever.com
From: blodbhwk@whoever.com
To: "webmaster" <kdebugs@*******.com>
Subject: Turn $25 into $500,000 in 6 months, please read.
Date: Mon, 01 Sep 2003 15:22:55 +0400
MIME-Version: 1.0
Content-Type: text/plain;
  charset="iso-8859-1"
X-Priority: 3
User-Agent: AOL 7.0 for Windows US sub 118
Content-Transfer-Encoding: 8bit
X-MIME-Autoconverted: from base64 to 8bit by ***********.com id h81Bm5u13108
Status: R 
X-Status: N
X-KMail-EncryptionState:  
X-KMail-SignatureState:
Comment 1 Daniel Naber 2003-09-02 03:04:51 UTC 
The bugs are also send to a mailing list. Maybe someone has an unprotected web archive of 
that list, or a spammer subscribed to that list. Or, as you said, there's still a hole. The only 
way to find out would probably be to run an address harvester on this site (which I don't 
have).
Comment 2 Stephan Kulow 2003-09-02 09:37:43 UTC 
Look here for an example: 
http://lists.kde.org/?l=kde-bugs-dist&m=106248767920244&w=2
Comment 3 Dirk Mueller 2004-02-13 23:09:02 UTC 
email address-like strings in bugzilla mail are now obfuscated.