[SAC] more spammer accounts

On Wed, May 11, 2016 at 10:56:40PM +0200, Markus Neteler wrote:

In addition;

+('somsnjkeeese'),
+('anonymous'),
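
Review bot: the second added entry, ('anonymous'), is not an account-specific name. Trac records unauthenticated activity under the author "anonymous", so if this list drives a cleanup that matches on author, the entry would match every anonymous contribution rather than one spammer account. Confirm that is intended, or handle anonymous content separately from the per-account list.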

Done,

  Martin.
--
Unix _IS_ user friendly - it's just selective about who its friends are !
--------------------------------------------------------------------------

On Wed, May 11, 2016 at 08:41:34PM +0200, Sandro Santilli wrote:

+('kunjkn'),
+('gmail10'),
+('gmail11'),
+('gmail9'),

Done,

  Martin.
--
Unix _IS_ user friendly - it's just selective about who its friends are !
--------------------------------------------------------------------------

Please delete

meee002

thanks,
Markus

On Sun, May 15, 2016 at 12:39:34AM +0200, Markus Neteler wrote:

Please delete

meee002

thanks,

According to my mail of yesterday [1] you can perform users
deletion autonomously, being in the "sudo" group on the "web"
host. Let me know how if the script could be improved. Thanks!

[1] [SAC] script to delete LDAP users

--strk;

On Sun, May 15, 2016 at 10:26 AM, Sandro Santilli <strk@keybit.net> wrote:

On Sun, May 15, 2016 at 12:39:34AM +0200, Markus Neteler wrote:

Please delete

meee002

thanks,

According to my mail of yesterday [1] you can perform users
deletion autonomously, being in the "sudo" group on the "web"
host. Let me know how if the script could be improved. Thanks!

[1] http://lists.osgeo.org/pipermail/sac/2016-May/006921.html

After some sleep I reread the Wiki page and now understood where the
script is :-) (page slightly modified).

I could successfully remove the spammer, nice script! Thanks for that.

BTW: the script showed the registration email address behind "meee002"
to me which also appears here:

http://stopforumspam.com/ipcheck/45.65.14.10

I wonder if we could scan our LDAP DB against their records to identify
more removal candidates.

Markus

On Sun, May 15, 2016 at 11:05:33AM +0200, Markus Neteler wrote:

http://stopforumspam.com/ipcheck/45.65.14.10

I wonder if we could scan our LDAP DB against their records to identify
more removal candidates.

Sure we can !

for mail in `fetch-that-list`; do
  ldapsearch -x "mail=$mail" | grep ^uid | sed 's/uid: //'
done

For just that specific email we have 22 accounts.
Whether or not to _allow_ registering multiple accounts with the
same email would be another question.

Also, I guess we could query that database, if we trust it,
to _prevent_ user registration. The user creation script
currently hard-codes some domains. This list would be more
specific. Want to write a script that given an email returns
whether it is a known-spammer email or not ?

Please don't rush into removing those 22 accounts before checking
if they sent any content. I'm concerned about removing legit users
(I usually put the names in tracsvn:/osgeo/tools/trac/emergency_clean.sql
and run that script against all trac instances to get a feeling about
what they wrote in there, and also to keep a list of spammer users).

--strk;

On Sun, May 15, 2016 at 12:08:54PM +0200, Sandro Santilli wrote:

On Sun, May 15, 2016 at 11:05:33AM +0200, Markus Neteler wrote:

> http://stopforumspam.com/ipcheck/45.65.14.10

Please don't rush into removing those 22 accounts before checking
if they sent any content. I'm concerned about removing legit users
(I usually put the names in tracsvn:/osgeo/tools/trac/emergency_clean.sql
and run that script against all trac instances to get a feeling about
what they wrote in there, and also to keep a list of spammer users).

I've done that step, found no content in trac instances.
Here's the complete UIDs list, with creation timestamps.
Interesting, all accounts were created on April 30 2016
between 19:33 and 19:55.

  kamalmenuse: 20160430194509Z
  kanmsune: 20160430194333Z
  karam4788: 20160430194609Z
  maansninmeee002: 20160430195956Z
  mani0035: 20160430194202Z
  manishkasyamo: 20160430195147Z
  manojkareeems: 20160430194725Z
  manrefeee002: 20160430195647Z
  manregdmeeee: 20160430195923Z
  mansihiee: 20160430195514Z
  menujse: 20160430195236Z
  menujsese: 20160430195435Z
  monsikeeee1: 20160430195852Z
  mskkeijiwww: 20160430194432Z
  rramjankei: 20160430195726Z
  rramjankeisw: 20160430195802Z
  sjiemkskeee: 20160430195614Z
  sjmkeme: 20160430195022Z
  sonamkalre: 20160430195826Z
  sonamkappooe: 20160430195113Z
  sonamkarm5: 20160430194051Z
  sonamkpoor: 20160430194537Z

The "mani0035" one was found holding authenticated sessions.
I guess the "user deletion" script should be improved to provide
a message in a non-interactive way (-m, to resemble git commit ?)

--strk;

On Sun, May 15, 2016 at 12:08:54PM +0200, Sandro Santilli wrote:

On Sun, May 15, 2016 at 11:05:33AM +0200, Markus Neteler wrote:

> http://stopforumspam.com/ipcheck/45.65.14.10

Whether or not to _allow_ registering multiple accounts with the
same email would be another question.

Let's also remember that we do NOT verify email on registration,
so spammers could actually enter any email value. This would make
it easy, for example, to start spamming with _your_ email, and
we must not make the mistake of considering _your_ email as the
one of a spammer. Refusing to create two users with the same email
would help reduce this risk.

--strk;
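
An added example, not code from this thread or from SAC's tooling: a report-only version of the LDAP scan and known-spammer email check discussed above, plus a listing of addresses shared by several accounts with their first and last creation times. The function names, file layout and sample data are assumptions made for the illustration; it expects saved `ldapsearch` LDIF output in which `createTimestamp` was requested explicitly, since it is an operational attribute.

```shell
#!/bin/sh
# Added example (not the SAC scripts): report-only triage of LDAP accounts.
# Assumes LDIF with one unfolded, non-base64 uid/mail value per entry.

# entries LDIF -> "mail uid createTimestamp" per entry, mail lowercased
entries() {
  awk '
    function emit() {
      if (uid != "" && mail != "") print tolower(mail), uid, (ts == "" ? "-" : ts)
      uid = mail = ts = ""
    }
    /^$/                 { emit(); next }
    /^uid: /             { uid  = substr($0, 6) }
    /^mail: /            { mail = substr($0, 7) }
    /^createTimestamp: / { ts   = substr($0, 18) }
    END                  { emit() }
  ' "$1"
}

# candidates LDIF BLOCKLIST -> entries whose mail is on the blocklist (one
# address per line). A match is only a lead: the mail field is unverified.
candidates() {
  entries "$1" | awk '
    FILENAME == ARGV[1] { if ($1 != "") bad[tolower($1)] = 1; next }
    ($1 in bad)
  ' "$2" - | sort
}

# shared_mail LDIF [MIN] -> "mail count first last" for each mail used by at
# least MIN accounts (default 2), with earliest and latest creation time.
shared_mail() {
  entries "$1" | awk -v min="${2:-2}" '
    { n[$1]++
      if (!($1 in lo) || $3 < lo[$1]) lo[$1] = $3
      if ($3 > hi[$1]) hi[$1] = $3 }
    END { for (m in n) if (n[m] >= min) print m, n[m], lo[m], hi[m] }
  ' | sort
}

# Constructed sample data (made-up uids and example.org addresses).
make_sample() {
  printf 'dn: uid=%s,ou=People\nuid: %s\nmail: %s\ncreateTimestamp: %s\n\n' \
    aaa1 aaa1 Bulk@example.org 20160101100500Z \
    aaa2 aaa2 bulk@example.org 20160101100100Z \
    carol carol carol@example.org 20150302080000Z > "$1/users.ldif"
  printf 'bulk@example.org\nother@example.net\n' > "$1/blocklist.txt"
}
d=$(mktemp -d) && make_sample "$d" && candidates "$d/users.ldif" "$d/blocklist.txt"
shared_mail "$d/users.ldif"; rm -rf "$d"
```

The output is a list of accounts to review for posted content and active sessions before any deletion, not a removal list.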

On Sun, May 15, 2016 at 12:17:24PM +0200, Sandro Santilli wrote:

I guess the "user deletion" script should be improved to provide
a message in a non-interactive way (-m, to resemble git commit ?)

I've added -r <reason> and --confirm switches, the users in the
list above are being removed as I write this mail. It takes time
because the script still counts till 10 before doing the work.

Details on removal can be found in web:/var/log/messages

--strk;