[EP-tech] SPAM via request_doc

Paolo Tealdi paolo.tealdi at polito.it
Tue May 14 13:53:56 BST 2013


Hi all,

one of our users reported that someone managed to spam him using request_doc cgi, from an eprints site where the form link  wasn't visible in the record full view.
I managed to stop this unwanted spam email inserting this code line in ~/archives/<REPOSITORY_ID>/cfg/cfg.d/plugins.

$c->{plugin_alias_map}->{"Screen::Public::RequestCopy"} = undef;

This setting should delete from memory the plugin used by request_doc.
Someone had similar reporting ?
Another site, where request_doc form is visible, with captcha security in the request form isn't reported to be spam source.
Do you think that there are others way to disable request_doc form (more elegant) ?
Could be useful to implement captcha by default in the standards eprints package to avoid this unwanted emails ?

Best regards,
Paolo Tealdi

example of email received (sorry for italian, but the sense is clear):

A: xxxxxxxxxxxxxxxxxx at yyyyyyyyyyyyyy
Inviato: Giovedì 1 Gennaio 1970 1:00
Oggetto: Richiesta per "THE SEISMIC RISK IN A MEGA-CITY. Emergency planning in Istanbul IL RISCHIO SISMICO IN UNA MEGALOPOLI.  La pianificazione dell’emergenza per Istanbul"

Questo documento è stato richiesto da Archivio webthesis by "spammeremail at spammer". Please can you respond.
Demarchi, Alessandro THE SEISMIC RISK IN A MEGA-CITY. Emergency planning in Istanbul IL RISCHIO SISMICO IN UNA MEGALOPOLI. La pianificazione dell’emergenza per Istanbul. Rel. Bedrone, Riccardoand Kundak, Seda. Politecnico di Torino, 2. Facoltà di 
architettura, Corso di laurea in Pianificazione Territoriale, Urbanistica e Ambientale , 2012
E' stata data questa ragione:
I'm in my first year at university "links to spam" info; numerous follow; provides organized and precisely; follows logical
Per cortesia considera la rimozione delle restrizioni o di trasferire il full text all'archivio in modo tale che sia disponibile immediatamente per le ricerche future.
Archivio webthesis
http://webthesis.biblio.polito.it/
Contact us at bibli.webthesis at polito.it


:-(


-- 
Ing. Paolo Tealdi         Area IT - Politecnico Torino
Telefono/Phone : +39-011-0906714 , FAX : +39-011-0906799
Indirizzo/Address : C.so Duca degli Abruzzi,  24 - 10129 Torino - ITALY
Skype : tealdi.paolo
Please consider your environmental responsibility before printing this e-mail


More information about the Eprints-tech mailing list