[UbuntuWomen] Non-members posting! [was] Re: Fwd: [Blueprint community-1311-ubuntu-women] Ubuntu Women Trusty Goals

[svakSha]

On Mon, Apr 14, 2014 at 9:34 PM, Alex Muntada <alexm at alexm.org> wrote:
> A. Mani:
>
>> Then can't they post in a proper way through a web interface
>> from that place?
>
> There's https://launchpad.net/~ubuntu-women/+contactuser but the
> mail is sent from one of the sender's addresses in LP. However,
> the messages sent by LP automatically when someone makes a change
> in one of ~ubuntu-women blueprints use the editor's main address
> in LP.

noreply AT launchpxx DOT nxx has been whitelisted for some years now.


>>
>> But why should mods sift through other spam?

+1.

> Maybe we can find some header that matches all LP mail that could
> be used to filter messages from LP non-members into the list, e.g.
> i think this one could help:
>
>   X-Generated-By: Launchpad (canonical.com); ...
>
> Or we can just make a regexp out of this:
>
>   Received: from wampee.canonical.com ...

I like this option a lot better than wading through spam, so I setup a
regex:^.+ at wampee\.canonical\.com$
Since header spoofing is very easy, I've asked if there is a risk of
email addresses being forged - For example, can spam traffic spoof an
@canonical.com (and other permutations) address which can still get
through to the list. If that happens, I dont know how to stop spammer,
but I'm experimenting with the same regexp in the Spam Filter. If
anyone has a better suggestion (that does not involve a code change
which is beyond my control), do chime in.
For the moment, can someone test if this works? Test it by changing
the blueprint on LP. Note that if LP users multiple servers, I would
need the subdomains.

॥ svaksha ॥ http://svaksha.com