On 23 February 2018 at 08:01, Zamir SUN <zsun(a)fedoraproject.org> wrote:
Hi Infra team,
This week two people reached me asking about logging into Pagure. Both
of them tried to register on FAS, but they are automatically set as
spamcheck_manual immediately after they registered and even cannot login
to sign CLA/FPCA. As far as I know, one of them is using gmail and
another is using a emain from their own domain - I think it's not caused
by main domains.
So I want to know if there are certain rules that we don't know, or
spamcheck rules which users from China might easily get into?
I need more information than that to be able to debug the problem..
like the actual email names and the accounts that they tried to open.
One heuristic that has been tripping up people is where they have a
large set of numbers in their accountname. The spammers use bots which
put long streams of numbers in their account names as in
<zue<randomishnumber>> <zue<randomnishnumber+X>>. This allowed
them to
know which spam farm and ad campaign they are going to use as all of
zue<> get Printers while anil<> get Pills and greg<> might get
Antivirus tech support. So our heuristics were looking for accounts
with long numbers as a higher score. However this breaks down for
some countries where the numbers may mean something or are required
because bob8888 is chosen a lot so bob88881001 bob88881002 would be
given out. We can work on this but we will need some data on who they
were.
Please extend our apologies and thank them for their patience.
Thanks!
--
Ziqian SUN (Zamir)
GPG : 1D86 6D4A 49CE 4BBD 72CF FCF5 D856 6E11 F2A0 525E
Want to know more about Fedora?
Visit
https://fedoraproject.org/wiki/
Ready to contribute? See
https://whatcanidoforfedora.org/
_______________________________________________
infrastructure mailing list -- infrastructure(a)lists.fedoraproject.org
To unsubscribe send an email to infrastructure-leave(a)lists.fedoraproject.org
--
Stephen J Smoogen.