WordPress.org

Making WordPress.org

Opened 3 years ago

Last modified 23 months ago

#767 new defect

Security Confirmation Emails Go To Spam

Reported by: chriscct7 Owned by:
Milestone: Priority: normal
Component: General Keywords:
Cc:

Description

Submitted a security ticket today which @nacin and I talked about, and realized it wasn't valid.

After doing so, the security confirmation email rolled in, and it went directly to spam: http://screencloud.net/v/lHVz

There's a danger people might have submitted tickets and dont realize they had to go in spam and approve them

Change History (3)

This ticket was mentioned in Slack in #meta by ocean90. View the logs.


23 months ago

#2 @ocean90
23 months ago

  • Keywords reporter-feedback added
  • Priority changed from high to normal

@chriscct7 Do you still have the mail? Can you attache the email header to this ticket?

#3 @chriscct7
23 months ago

  • Keywords reporter-feedback removed

Yes I do. Because it is a security ticket in question, I've attached a copy of all of the headers below with the from email address and the content header redacted:

From (redacted) Wed Feb 25 19:15:43 2015
Received: from mail.wordpress.org ([66.155.40.19]:21144)
        by marx.multipattern.com with esmtp (Exim 4.84)
        (envelope-from <(redacted)>)
        id 1YQhQl-0006Ot-8s
        for report@security.wordpress.org; Wed, 25 Feb 2015 19:15:43 +0000
Received: from smtp.ufl.edu (smtp-prod02.osg.ufl.edu [128.227.74.218])
        by mail.wordpress.org (Postfix) with ESMTP id 2AEFD2017F1
        for <security@wordpress.org>; Wed, 25 Feb 2015 19:15:35 +0000 (UTC)
X-UFL-GatorLink-Authenticated: authenticated as chriscct7 () with PLAIN from 209.85.215.50
Received: from mail-la0-f50.google.com (mail-la0-f50.google.com [209.85.215.50])
        (authenticated bits=0)
        by smtp.ufl.edu (8.14.4/8.14.4/3.0.0) with ESMTP id t1PJFWjF056051
        (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT)
        for <security@wordpress.org>; Wed, 25 Feb 2015 14:15:33 -0500
Received: by lams18 with SMTP id s18so6093410lam.11
        for <security@wordpress.org>; Wed, 25 Feb 2015 11:15:32 -0800 (PST)
MIME-Version: 1.0
X-Received: by 10.112.97.106 with SMTP id dz10mr4325849lbb.4.1424891732100;
 Wed, 25 Feb 2015 11:15:32 -0800 (PST)
Received: by 10.152.45.165 with HTTP; Wed, 25 Feb 2015 11:15:32 -0800 (PST)
Date: Wed, 25 Feb 2015 14:15:32 -0500
Message-ID: <CAKgzEGacassL=Ly6=5rokztdi3hDMcEzhGUYjyz51DPOQrmtYQ@mail.gmail.com>
Subject: Security Report
From: Chris Christoff <(redacted)>
To: security@wordpress.org
Content-Type: multipart/alternative; boundary=001a11345b12890d0a050fee752d
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10432:5.13.68,1.0.33,0.0.0000
 definitions=2015-02-25_07:2015-02-25,2015-02-25,1970-01-01 signatures=0
X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 spamscore=0 suspectscore=2 phishscore=0
 adultscore=0 bulkscore=0 classifier=spam adjust=0 reason=mlx scancount=1
 engine=7.0.1-1402240000 definitions=main-1502250200
X-Spam-Level: *
X-UFL-Spam-Level: *
X-Spam-Status: No, score=-1.6
X-Spam-Score: -15
X-Spam-Bar: -
X-Ham-Report: Spam detection software, running on the system "marx.multipattern.com",
 has NOT identified this incoming email as spam.  The original
 message has been attached to this so you can view it or label
 similar future email.  If you have any questions, see
 root\@localhost for details.

 Content preview:  (redacted)

 Content analysis details:   (-1.6 points, 5.0 required)

  pts rule name              description
 ---- ---------------------- --------------------------------------------------
  0.0 URIBL_BLOCKED          ADMINISTRATOR NOTICE: The query to URIBL was blocked.
                             See
                             http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block
                              for more information.
                             [URIs: wordpress.org]
  0.3 HTML_OBFUSCATE_05_10   BODY: Message is 5% to 10% HTML obfuscation
 -1.9 BAYES_00               BODY: Bayes spam probability is 0 to 1%
                             [score: 0.0000]
  0.0 HTML_MESSAGE           BODY: HTML included in message
X-Spam-Flag: NO
Note: See TracTickets for help on using tickets.