[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[EP-tech] Spam to submitter via "Copy request" form



CAUTION: This e-mail originated outside the University of Southampton.
Hi Jens,
We use the recaptcha stuff e.g. https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Feprints.whiterose.ac.uk%2Fcgi%2Frequest_doc%3Fdocid%3D2348396&data=04%7C01%7Ceprints-tech%40ecs.soton.ac.uk%7C7cca04139b78406f943e08d976baabf8%7C4a5378f929f44d3ebe89669d03ada9d8%7C0%7C0%7C637671366381209261%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=1ET0GvGupJpGWFyWKmkghYZrIlLwaZ04%2FvGRCQQByso%3D&reserved=0 .
The google.com version and recaptcha.net are essentially the same thing - but recaptcha.net isn't blocked in e.g. China, so we use that.

This does work well for us, and we also use recaptcha.net on our account creation and 'contact us' pages on our eTheses repository.

As the request details are stored in the EPrints database, you could do some analysis of these spam requests, and see if there are common themes - e.g. links in the request reason, or email addresses supplied?
You could also look at historic Apache logs and see if they all originate from the same place?

Cheers,
John



________________________________
From: eprints-tech-bounces at ecs.soton.ac.uk <eprints-tech-bounces at ecs.soton.ac.uk> on behalf of jens.witzel--- via Eprints-tech <eprints-tech at ecs.soton.ac.uk>
Sent: 13 September 2021 13:34
To: eprints-tech at ecs.soton.ac.uk <eprints-tech at ecs.soton.ac.uk>
Subject: [EP-tech] Spam to submitter via "Copy request" form

CAUTION: This e-mail originated outside the University of Southampton.

Hi out there

we have received some feedback regarding spam via the "Copy Request". Lots of emails gone to one submitter. Does anybody use any capture or something else in this direction?

First I found something in /usr/local/eprints/lib/workflows/request/default.xml (line 22ff.) - using googles capture https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.google.com%2Frecaptcha%2Fabout%2F&amp;data=04%7C01%7Ceprints-tech%40ecs.soton.ac.uk%7C7cca04139b78406f943e08d976baabf8%7C4a5378f929f44d3ebe89669d03ada9d8%7C0%7C0%7C637671366381209261%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&amp;sdata=tLNUvTsxK7sug57UF33zgbpG1oefFKF9kDwZnwLIbuQ%3D&amp;reserved=0<https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.google.com%2Frecaptcha%2Fabout%2F&amp;data=04%7C01%7Ceprints-tech%40ecs.soton.ac.uk%7C7cca04139b78406f943e08d976baabf8%7C4a5378f929f44d3ebe89669d03ada9d8%7C0%7C0%7C637671366381209261%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&amp;sdata=tLNUvTsxK7sug57UF33zgbpG1oefFKF9kDwZnwLIbuQ%3D&amp;reserved=0> but for sure we will have problems with data privacy.

Second i found some hints in the Eprints wiki: A captcha pseudo-field based on https://eur03.safelinks.protection.outlook.com/?url=http%3A%2F%2Frecaptcha.net%2F&amp;data=04%7C01%7Ceprints-tech%40ecs.soton.ac.uk%7C7cca04139b78406f943e08d976baabf8%7C4a5378f929f44d3ebe89669d03ada9d8%7C0%7C0%7C637671366381209261%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&amp;sdata=LAiD5dkammu5ltIjan6pkUrPPQrG7PGplDqIU2vT2Rs%3D&amp;reserved=0<https://eur03.safelinks.protection.outlook.com/?url=http%3A%2F%2Frecaptcha.net%2F&amp;data=04%7C01%7Ceprints-tech%40ecs.soton.ac.uk%7C7cca04139b78406f943e08d976baabf8%7C4a5378f929f44d3ebe89669d03ada9d8%7C0%7C0%7C637671366381209261%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&amp;sdata=LAiD5dkammu5ltIjan6pkUrPPQrG7PGplDqIU2vT2Rs%3D&amp;reserved=0>
https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwiki.eprints.org%2Fw%2FNew_Features_in_EPrints_3.2&amp;data=04%7C01%7Ceprints-tech%40ecs.soton.ac.uk%7C7cca04139b78406f943e08d976baabf8%7C4a5378f929f44d3ebe89669d03ada9d8%7C0%7C0%7C637671366381209261%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&amp;sdata=Wlhr%2FhfNzGOwrDvAcZiNq2mJA7jSzKDM0pKdknvKYx8%3D&amp;reserved=0<https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwiki.eprints.org%2Fw%2FNew_Features_in_EPrints_3.2&amp;data=04%7C01%7Ceprints-tech%40ecs.soton.ac.uk%7C7cca04139b78406f943e08d976baabf8%7C4a5378f929f44d3ebe89669d03ada9d8%7C0%7C0%7C637671366381209261%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&amp;sdata=Wlhr%2FhfNzGOwrDvAcZiNq2mJA7jSzKDM0pKdknvKYx8%3D&amp;reserved=0>

Anything else? Cookies, Perl driven stuff? What do you guys use?

Every hint is welcome

Jens

--
Jens Witzel
Zentrale Informatik
Universit?t Z?rich
Stampfenbachstrasse 73
CH-8006 Z?rich

mail:  jens.witzel at uzh.ch
phone: +41 44 63 56777
https://eur03.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.zi.uzh.ch%2F&amp;data=04%7C01%7Ceprints-tech%40ecs.soton.ac.uk%7C7cca04139b78406f943e08d976baabf8%7C4a5378f929f44d3ebe89669d03ada9d8%7C0%7C0%7C637671366381209261%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&amp;sdata=PVOzKCu%2FDhQS0TqKfPyIgfz7j6b4Y%2F666MCbCb7hQOQ%3D&amp;reserved=0<https://eur03.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.zi.uzh.ch%2F&amp;data=04%7C01%7Ceprints-tech%40ecs.soton.ac.uk%7C7cca04139b78406f943e08d976baabf8%7C4a5378f929f44d3ebe89669d03ada9d8%7C0%7C0%7C637671366381209261%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&amp;sdata=PVOzKCu%2FDhQS0TqKfPyIgfz7j6b4Y%2F666MCbCb7hQOQ%3D&amp;reserved=0>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ecs.soton.ac.uk/pipermail/eprints-tech/attachments/20210913/f8929248/attachment-0001.html