Return-Path: 
 <bloodhound-dev-return-375-apmail-incubator-bloodhound-dev-archive=incubator.apache.org@incubator.apache.org>
X-Original-To: apmail-incubator-bloodhound-dev-archive@minotaur.apache.org
Delivered-To: apmail-incubator-bloodhound-dev-archive@minotaur.apache.org
Received: from mail.apache.org (hermes.apache.org [140.211.11.3])
	by minotaur.apache.org (Postfix) with SMTP id 8FCC09C09
	for <apmail-incubator-bloodhound-dev-archive@minotaur.apache.org>;
 Fri, 11 May 2012 11:49:57 +0000 (UTC)
Received: (qmail 39405 invoked by uid 500); 11 May 2012 11:49:57 -0000
Delivered-To: apmail-incubator-bloodhound-dev-archive@incubator.apache.org
Received: (qmail 39301 invoked by uid 500); 11 May 2012 11:49:54 -0000
Mailing-List: contact bloodhound-dev-help@incubator.apache.org; run by ezmlm
Precedence: bulk
List-Help: <mailto:bloodhound-dev-help@incubator.apache.org>
List-Unsubscribe: <mailto:bloodhound-dev-unsubscribe@incubator.apache.org>
List-Post: <mailto:bloodhound-dev@incubator.apache.org>
List-Id: <bloodhound-dev.incubator.apache.org>
Reply-To: bloodhound-dev@incubator.apache.org
Delivered-To: mailing list bloodhound-dev@incubator.apache.org
Received: (qmail 39277 invoked by uid 99); 11 May 2012 11:49:53 -0000
Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136)
    by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 11 May 2012 11:49:53 +0000
X-ASF-Spam-Status: No, hits=-0.7 required=5.0
	tests=RCVD_IN_DNSWL_LOW,SPF_PASS
X-Spam-Check-By: apache.org
Received-SPF: pass (athena.apache.org: domain of gary.martin@wandisco.com
 designates 209.85.214.47 as permitted sender)
Received: from [209.85.214.47] (HELO mail-bk0-f47.google.com) (209.85.214.47)
    by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 11 May 2012 11:49:47 +0000
Received: by bkcjm2 with SMTP id jm2so2287271bkc.6
        for <bloodhound-dev@incubator.apache.org>;
 Fri, 11 May 2012 04:49:26 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=google.com; s=20120113;
        h=message-id:date:from:user-agent:mime-version:to:subject:references
         :in-reply-to:content-type:content-transfer-encoding
         :x-gm-message-state;
        bh=6buyLCNn7s15G7T0JxAoeVPrZQVQRbWae88EusQwhPY=;
        b=aMomDczdsh1DtQonEvrDYwkzlQDLeUlyFd+kqafsBHmsHHcjPjh2eB9Nxhm5dcyHRw
         8/zoUdCDJIl2zg6god+5wC7R6Dh3k+/tvfxwsOgimRa/zvTBVP8ObCWKKU9RPUmo5fvF
         uh5c5xcrKLD0yliR5+/kjRm+wKd3+g/lIMtwWql/Ft99d/wtOnSPx6JCgLqpNntQNsCW
         mrDJtfoqx3N86/Lh0AMicD98XKrNU/0nsLow/cM9qi7SW2gcsvOfT81cVEi9N2QAYEj5
         fSrZ5ywyQMSxNSNUeml8+0zgJ0NN07sxD90iEtnYVVch+9o3JoSN/OM71NiJCqyiljtn
         KnGg==
Received: by 10.205.124.8 with SMTP id gm8mr4643724bkc.90.1336736965840;
        Fri, 11 May 2012 04:49:25 -0700 (PDT)
Received: from [10.2.5.127] ([77.86.30.139])
        by mx.google.com with ESMTPS id 9sm18043040bku.9.2012.05.11.04.49.24
        (version=SSLv3 cipher=OTHER);
        Fri, 11 May 2012 04:49:24 -0700 (PDT)
Message-ID: <4FACFCBB.2030609@wandisco.com>
Date: Fri, 11 May 2012 12:49:15 +0100
From: Gary <gary.martin@wandisco.com>
User-Agent: Mozilla/5.0 (X11; Linux x86_64;
 rv:11.0) Gecko/20120329 Thunderbird/11.0.1
MIME-Version: 1.0
To: bloodhound-dev@incubator.apache.org
Subject: Re: Suspicious ticket raised
References: <062.58ee4cdc394d4ecf46ae50fc1b17f186@incubator.apache.org>
 <4FA39A30.5050307@wandisco.com>
 <CABD8fLVW3CCF5mxG=c7W-KmKE9RycX1yNvDRNLwKoY59-PvewA@mail.gmail.com>
In-Reply-To: 
 <CABD8fLVW3CCF5mxG=c7W-KmKE9RycX1yNvDRNLwKoY59-PvewA@mail.gmail.com>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
X-Gm-Message-State: 
 ALoCoQm+BYKSECz1MRYnH5FV7QFogx+LYBXycyX6oUppKRpuXD6nWyBtdHa2HYtEjAPH+q5xJCIM
X-Virus-Checked: Checked by ClamAV on apache.org

On 05/11/2012 09:48 AM, Greg Stein wrote:
> On Fri, May 4, 2012 at 4:58 AM, Gary<gary.martin@wandisco.com>  wrote:
>> Hi
>>
>> Sorry to seem so suspicious but I guess everyone would be surprised if this
>> turned out to be a genuine ticket. I am going to assume that it is
>> malicious. Unless anyone can provide me with a good reason to do otherwise,
>> I will close the account and find a way of dealing with the ticket. Until
>> then I suggest that nobody visits the link in the ticket.
>>
>> I realise that this is, so far, an isolated case at this point but we should
>> probably consider an appropriate procedure for dealing with these
>> situations, unless there is already a policy given by the ASF.
> There's no special policy. This was obviously spam... you're right in
> just closing the thing. "Closing as invalid."
>
> (theoretically, somebody trying to open a valid ticket would re-open)
>
> Cheers,
> -g

Good to know, thanks.

We got a couple of spam events this morning too, this time in the wiki. 
To deal with this, I have temporarily reduced the permissions for the 
general authenticated group of users and added all accounts to an 
additional group that provides the edit and create permissions.

I am not advocating at this point that this should become our default 
policy and, unless this is actually seen as a better policy, I expect to 
return edit and create permissions to all authenticated users in the 
near future. One consequence of leaving the permissions in this state is 
that a new registration will also need to ask for the edit permissions 
to be added to their account.

Cheers,
     Gary