On Friday 08 Mar 2013 08:27:07 Per Jessen wrote:
Gravatar wrote:
You are receiving this e-mail because a request
has been made to
change the
gravatar.com password associated with this address
(opensuse-project(a)opensuse.org). If you would like to reset the
password for this account simply click on the link below or paste it
into the url field on your favorite browser:
These guys are persistent, huh? Won't take them to get blacklisted
around the world like that.
I'm responsible for one of these requests but not the setting up of the
gravatar account. It would seem that someone has created a gravatar account
using opensuse-project(a)o.o as the account identifier and I was able to reset
the account password and login to gravatar using the opensuse-project(a)o.o
address as my username.
This is problematic because a malicious person may have had the intention to
use an offensive or misleading avatar image and post on anyone of the hundreds
of thousands of blogs, forums and social media sites that use gravatar avatar
icons.
CC'ing admin(a)o.o on this as other ML's may be succeptable to this too, looks
like a reasonable fix is to redirect all ML incoming mail from gravatar to
admin(a)o.o
Cheers the noo,
Graham
--
To unsubscribe, e-mail: opensuse-project+unsubscribe(a)opensuse.org
To contact the owner, email: opensuse-project+owner(a)opensuse.org