Closed dpc22 closed 1 year ago
Hi @dpc22, Could you please check the PR above?
- add_stash('intern', 'no_identified_user');
+ add_stash('user', 'no_identified_user');
certainly looks plausible if "intern" is the cause of the messages to listmaster. Thank you.
I agree. I don't think it's a good idea to send emergency notices to administrators via email.
Fail2ban or similar is the better tool to cope with incoming crap.
Version
6.2.70
Installation method
My own RPM, derived from "offical" RHEL rpm
Expected behavior
wwsympa shouldn't generate notification emails to listmaster just because an unknown Web client submitted a HTTP GET or POST with invalid parameters: that is outside our control.
Actual behavior
I received about 120 messages of the form:
this morning. These seem to correspond to:
("User could not be identified, no mail HTTP header set" seems to be significant. wwsympa logged about 5000 attempted SQL injection attacks, but only a small fraction generated emails).
Additional information
This is related to a ticket that I opened about 18 months back: https://github.com/sympa-community/sympa/issues/1244
While the denial of service attack element seems to have been fixed (that was definitely the more important aspect), it looks like people poking at sso_login can still generate emails to listmaster.