Bug #61257 unsubscribing does not stop spam reaching my mailbox
Submitted: 22 May 2011 9:43 Modified: 25 Apr 2012 13:23
Reporter: Peter Laursen (Basic Quality Contributor) Email Updates:
Status: Closed Impact on me:
Category:MySQL Websites: bugs.mysql.com Severity:S2 (Serious)
Version:n/a OS:Any
Assigned to: Vlad Safronov CPU Architecture:Any
Tags: qc, SPAM

[22 May 2011 9:43] Peter Laursen
I posted this old report: http://bugs.mysql.com/bug.php?id=18004

After it was closed it seems to a very popular target for spammers. I had 1-2 spam-comments every week for 2 months (at least 10 in total). At a certain point of time I unsubscribed in order to get rid of the spam.  Does not help.  I still receive the spam. The latest notification from today reads (copied from Gmail interface) 

from	Bug Database do-not-reply@mysql.com 
to	<hidden>
date	Sun, May 22, 2011 at 11:08
subject	#18004 [Com]: Connecting crashes server when default charset is UCS2
mailed-by	bugs.mysql.com

	hide details 11:08 (24 minutes ago) 	

ATTENTION! Do NOT reply to this email!
 To reply, use the web interface found at

  Comment by:  andyior andyior
  Reported by: Peter Laursen
  Category:    Server
  Severity:    S2 (Serious)
  Status:      Closed
  Changeset:   http://lists.mysql.com/commits/3971
  Version:     5.1 and 5.0/4.1BK
  OS:          Microsoft Windows
  OS Details:  WinXP/Suse Linux

 [22 May 11:08] andyior andyior

 Leky proti kyselosti organismu muze potkat i Vas. Prirodni doplnky
 stravy Vam na <a
 kyselost organismu</a> muze nabidnout prirodni lekarna. Vase telo si
 zaslouzi kvalitni peci.


The weird thing is that the web interface does does not display all those spam comments I have received over the last months. So maybe they were not really posted to the bug?

Note that 'sender' is listed as 'bug database'.  I know that it is easy to fake 'sender' in the mail header and spammers often do.  But how did the spammer know my email adress and that I was associated with this bug report. 

I am not sure if I have to consider this irresponsible and careless attitude to reporters' privacy.  But it could look like it.

How to repeat:
Se above. And also read my report at http://bugs.mysql.com/bug.php?id=49824


Suggested fix:
A system like this with no ducumented and audited privacy policy is totally unacceptable today. Do something about it, please.  The sooner the better.

And also please do not communicate with me privately about this.
[22 May 2011 9:46] Peter Laursen
Also please check your mail daemon logs if this mail (and the 10 others) was sent from bugs.mysql or not.
[22 May 2011 10:38] Valeriy Kravchuk
I also get these comments (I get all comments for every server bug actually), and when I see them I make them private immediately. That's why you do not see them via Web interface.
[22 May 2011 10:46] Peter Laursen
OK .. this is best scenario after all then! :-)
Nobody can prevent idiots to post spam here (but a filter - like Askimet  - could be implemented).

However unsubscribing does not 'unlist' me from the mail list, it seems.  I guess that this could be because I am the 'original reporter' of this particular report?  If so, please make it possible for 'original reporter's to unsubscribe as well as well as it is for 'followers'.
[25 Apr 2012 13:22] Vlad Safronov
closing old bug. 
spam problem was solved.