[Spam] - Some sneaky fucker used lufi to spam #1347
Reference: Disroot/Disroot-Project#1347
Yesterday we were blocked by Yahoo. The reason for this was that someone used Lufi to upload a file (most likely some spam) and then used Lufi's share-by-email option to notify a ton of email addresses (mostly Yahoo, it looks like). Since no-reply was not rate-limited, this allowed the spammer to keep spamming with pretty low effort.
Actions taken:
I think there are two ways to go about it:

1. Disable the email share option (as has been done now, temporarily)
This means that in order to share by email, the user will need to use their own email. When this option is disabled, Lufi opens whatever default mail client is set up on the user's system.

2. Set up a separate no-reply for Lufi with heavy rate limits
We could set up a new no-reply account for Lufi and add some extra rules to prevent such outbursts. It's a bit more tricky to do, since we need to be able to prevent spam while at the same time not throttling legitimate use.
Do you know how often people use this feature, excluding sending spam? Maybe it wouldn't hurt anybody to disable email in Lufi entirely?
I imagine it can be useful to have the option to send from Lufi directly, for example if you want to send something from a shared/public computer or if you don't use an email client. So if setting up no-reply with restrictions is not too much work, I would go for that.
I don't think the feature is used that often, hence the idea to set up a heavy rate limit. Currently it's hard to follow, as no-reply sends a lot of stuff from all services, so setting up a dedicated account would provide us with better oversight for sure. I think we could try and go for option 2, but we need to make sure we can monitor it better and adjust in case it starts rate-limiting legitimate users. I think starting with something like "you can't send email to more than X amount of users", plus a general rule on how many emails per minute can be sent from the account, is a good start.

I agree. I would tend to think that being allowed to send to only 10 emails a day is well enough. But it is perhaps because I don't use it that much.
10 per day is too hard IMO, as it only allows 10 people to use the share-by-email feature. I think limiting per second (5 per second) and then another limit per minute or hour would be good:

5 per second
20 per minute
50 per hour

It counts recipients, not emails, so basically the first rule would limit a share to 5 recipients, etc. We could set this up and monitor activity on that no-reply account to see if it's hitting limits and why, and adjust accordingly.
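To see what those three thresholds do in practice, here is an added example that is not Disroot's or Lufi's code: a small Python simulation of a recipient-counting limiter with the 5 per second, 20 per minute and 50 per hour caps from the comment above, replayed over a constructed sequence of shares (a normal user, a single 200-recipient blast, and a spammer dripping 5 recipients at a time). Where such a limit would actually be enforced (inside Lufi, in the mail submission path, or on the no-reply account) is left open here; the class, the scenario and the timestamps are assumptions for illustration only.

```python
from collections import deque


class RecipientRateLimiter:
    """Multi-window limiter that counts recipients, not messages.

    limits is a list of (window_seconds, max_recipients). A share to N
    recipients is accepted only if every window still has room for all N;
    it is all-or-nothing, so a 200-recipient share is rejected outright
    rather than partially delivered. (Hypothetical helper, not Lufi code.)
    """

    def __init__(self, limits):
        self.limits = list(limits)
        self.longest = max(window for window, _ in self.limits)
        # (timestamp, recipient_count) of every accepted share
        self.events = deque()

    def _prune(self, now):
        # Drop events older than the longest window; the shorter windows
        # are handled by filtering in _used().
        while self.events and self.events[0][0] <= now - self.longest:
            self.events.popleft()

    def _used(self, now, window):
        # Recipients already accepted inside the trailing window
        return sum(n for t, n in self.events if t > now - window)

    def check(self, now, recipients):
        """Return (allowed, reason) and record the share if allowed."""
        self._prune(now)
        for window, cap in self.limits:
            used = self._used(now, window)
            if used + recipients > cap:
                return False, (f"{recipients} recipients would exceed "
                               f"{cap} per {window}s ({used} already used)")
        self.events.append((now, recipients))
        return True, "ok"


# Thresholds proposed in the thread: 5 per second, 20 per minute, 50 per hour.
LIMITS = [(1, 5), (60, 20), (3600, 50)]

# Constructed scenario (not real log data): seconds since start, recipients, label.
SCENARIO = [
    (0.0, 3, "legit share to 3 people"),
    (0.5, 3, "second share within the same second"),
    (2.0, 200, "spam blast to 200 addresses"),
    (10.0, 5, "spam drip #1"),
    (11.0, 5, "spam drip #2"),
    (12.0, 5, "spam drip #3"),
    (13.0, 5, "spam drip #4"),
    (120.0, 5, "slow drip #1"),
    (135.0, 5, "slow drip #2"),
    (150.0, 5, "slow drip #3"),
    (165.0, 5, "slow drip #4"),
    (180.0, 5, "slow drip #5"),
    (195.0, 5, "slow drip #6"),
    (210.0, 5, "slow drip #7"),
]


def run_scenario(limits=LIMITS, scenario=SCENARIO):
    """Replay the scenario through a fresh limiter; return [(label, allowed, reason)]."""
    limiter = RecipientRateLimiter(limits)
    return [(label, *limiter.check(t, n)) for t, n, label in scenario]


if __name__ == "__main__":
    for label, allowed, reason in run_scenario():
        print(f"{'ALLOW' if allowed else 'DENY':5} {label}: {reason}")
```

Replaying the scenario shows each window catching a different pattern: the per-second cap stops the 200-recipient blast and the second share in the same second, the per-minute cap stops the fourth 5-recipient drip, and the per-hour cap stops a slow drip that stays under the minute limit once the account has sent to 50 recipients. This is exactly why monitoring the dedicated account matters: a legitimate user sharing with 6 people at once is also rejected by the first rule, and only the logs will show how often that happens.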
Sounds like a good solution to me.