Opened 16 years ago

Closed 14 years ago

#9281 closed (worksforme)

emails are displayed by django bug tracker and harvested by spam robots

Reported by: Thomas Capricelli Owned by: Jacob
Component: *.djangoproject.com Version: 1.2
Severity: Keywords:
Cc: andre.miras.same.here@… Triage Stage: Accepted
Has patch: no Needs documentation: no
Needs tests: no Patch needs improvement: no
Easy pickings: no UI/UX: no

Description

Hello. I'm using an unique email address to report bugs on django (the spamgourmet stuff) and I'm now getting spam though this address. I've put this very same email address in google, and it indeed finds my bug report pages in django trac stuff. Which confirms that the address is 'visible' from un-identified user on the site.

I've confirmed that by going to the same page while not being identified, and looked at the page source : the email is displayed in the page, raw.

This is really surprising, as I'm using spamgourmet a lot, especially on *.com sites, and so far this is the first time I ever got some spam through this. I'll probably get more spam just by filling this bug report.

I've used other trac-based report pages, and I did not have the problem. So I have hope this is not something you cannot manage to do with trac. Or maybe this is because of the high 'visibility' / pagerank of django website ?

I hope you can do something about this.

Change History (7)

comment:1 by Thomas Capricelli, 16 years ago

Precision. This seems to happen for anonymous posting (I probably created the the ticket entry before having an account here, this is #6541). Still, emails should not be displayed on the internet for anonymous people, don't you think so?
greetings.

comment:2 by Julien Phalip, 16 years ago

The best approach would be email obfuscation, but that would require an upgrade of Trac. I don't know if the Devs are ready to do it though, as upgrading Trac can be quite tedious and tricky.

See the Trac's Trac page about the email obfuscation issue: http://trac.edgewall.org/ticket/153

comment:3 by Andre Miras, 16 years ago

Cc: andre.miras.same.here@… added

comment:4 by Jacob, 16 years ago

Owner: changed from nobody to Jacob
Status: newassigned

comment:5 by Jacob, 16 years ago

Triage Stage: UnreviewedAccepted

comment:6 by Thomas Capricelli, 14 years ago

Version: 1.01.2

I keep on being flooded by spam on this email. And as another side effect... i dont receive mails about the tickets here. They are flagged as spam.
This ticket system is based on trac, right ? (or even is 100% trac?). Doesn't trac have something for obfuscating mail ? I dont use it, but i would be surprised it does not.

comment:7 by Justin Lilly, 14 years ago

Resolution: worksforme
Status: assignedclosed

Looks like this has been fixed with the latest Trac upgrade.

Note: See TracTickets for help on using tickets.
Back to Top