On Fri, Feb 23, 2018 at 11:22 PM, Stephen John Smoogen <smooge@xxxxxxxxx> wrote: > On 23 February 2018 at 08:01, Zamir SUN <zsun@xxxxxxxxxxxxxxxxx> wrote: >> Hi Infra team, >> >> This week two people reached me asking about logging into Pagure. Both >> of them tried to register on FAS, but they are automatically set as >> spamcheck_manual immediately after they registered and even cannot login >> to sign CLA/FPCA. As far as I know, one of them is using gmail and >> another is using a emain from their own domain - I think it's not caused >> by main domains. >> So I want to know if there are certain rules that we don't know, or >> spamcheck rules which users from China might easily get into? >> > > I need more information than that to be able to debug the problem.. > like the actual email names and the accounts that they tried to open. > Hi Stephen, Yes, one of them agrees to public the details. I checked FAS and can see the account is "Awaiting manual spamcheck" https://admin.fedoraproject.org/accounts/user/view/icenowy The other man simply did not reply my message yet. > One heuristic that has been tripping up people is where they have a > large set of numbers in their accountname. The spammers use bots which > put long streams of numbers in their account names as in > <zue<randomishnumber>> <zue<randomnishnumber+X>>. This allowed them to > know which spam farm and ad campaign they are going to use as all of > zue<> get Printers while anil<> get Pills and greg<> might get > Antivirus tech support. So our heuristics were looking for accounts > with long numbers as a higher score. However this breaks down for > some countries where the numbers may mean something or are required > because bob8888 is chosen a lot so bob88881001 bob88881002 would be > given out. We can work on this but we will need some data on who they > were. > I wonder if this is not their case - both of them did not use any numbers in usernames. So I'll wait for you debugging then. Thanks in advance! > Please extend our apologies and thank them for their patience. > > >> Thanks! >> -- >> Ziqian SUN (Zamir) >> GPG : 1D86 6D4A 49CE 4BBD 72CF FCF5 D856 6E11 F2A0 525E >> Want to know more about Fedora? >> Visit https://fedoraproject.org/wiki/ >> Ready to contribute? See https://whatcanidoforfedora.org/ >> _______________________________________________ >> infrastructure mailing list -- infrastructure@xxxxxxxxxxxxxxxxxxxxxxx >> To unsubscribe send an email to infrastructure-leave@xxxxxxxxxxxxxxxxxxxxxxx > > > > -- > Stephen J Smoogen. > _______________________________________________ > infrastructure mailing list -- infrastructure@xxxxxxxxxxxxxxxxxxxxxxx > To unsubscribe send an email to infrastructure-leave@xxxxxxxxxxxxxxxxxxxxxxx -- Ziqian SUN (Zamir) zsun@xxxxxxxxxxxxxxxxx GPG : 1D86 6D4A 49CE 4BBD 72CF FCF5 D856 6E11 F2A0 525E Want to know more about Fedora? Visit https://fedoraproject.org/wiki/ _______________________________________________ infrastructure mailing list -- infrastructure@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to infrastructure-leave@xxxxxxxxxxxxxxxxxxxxxxx
