[Board] Have the OSGeo mail servers been compromised?

Markus Neteler neteler at osgeo.org
Mon Jul 31 11:06:29 PDT 2017 

Please analyse the mail headers to really understand from which mail server
these messages were sent.

Markus (on mobile only at time)

On Jul 31, 2017 8:03 PM, "Jeff McKenna" <jmckenna at gatewaygeomatics.com>
wrote:

> I noticed a similar message on the OSGeo-Africa list, supposedly sent by
> Gavin (not an @osgeo.org account): https://lists.osgeo.org/piperm
> ail/africa/2017-July/003143.html
>
> -jeff
>
>
> On 2017-07-31 2:44 PM, Jorge Sanz wrote:
>
>> I'm receiving some mailman rejection notices from announce and
>> belgium, but many others accepted (even they ended up in my spam
>> folder).
>>
>> For example, there is a message sent on my behalf to the Argentina
>> list: https://lists.osgeo.org/pipermail/argentina/2017-July/002322.html
>>
>> Looks like it's related with the aliases system that we use like mine
>> "jsanz at osgeo.org"
>>
>> Attaching screenshot and adding in CC the SAC list.
>>
>> On 31 July 2017 at 19:31, Andrea Aime <andrea.aime at geo-solutions.it>
>> wrote:
>>
>>> Hi,
>>> I just received three mails from apparently legit mail addresses, Frank
>>> W.,
>>> Jeff and Arnulf,
>>> all reporting a Amazon security issue and asking me to connect to some
>>> decently
>>> well made fake amazon site to verify my credentials. The title is
>>> "Important
>>> Notice To All Amazon Customers"
>>> and they were all sent to the board list.
>>>
>>> I don't think the people involved have all been compromised at the same
>>> time, it seems
>>> more likely that OSGeo mail servers where hacked, or something similar...
>>>
>>> The interesting bit is that since I know those people, the messages did
>>> not
>>> get into the
>>> spam folder. Don't trust those mails!
>>>
>>> --
>>>
>>> Regards,
>>>
>>> Andrea Aime
>>>
>>> ==
>>> GeoServer Professional Services from the experts! Visit
>>> http://goo.gl/it488V
>>> for more information.
>>> ==
>>>
>>> Ing. Andrea Aime
>>> @geowolf
>>> Technical Lead
>>>
>>> GeoSolutions S.A.S.
>>> Via di Montramito 3/A
>>> 55054  Massarosa (LU)
>>> phone: +39 0584 962313
>>> fax: +39 0584 1660272
>>> mob: +39  339 8844549
>>>
>>> http://www.geo-solutions.it
>>> http://twitter.com/geosolutions_it
>>>
>>> AVVERTENZE AI SENSI DEL D.Lgs. 196/2003
>>>
>>> Le informazioni contenute in questo messaggio di posta elettronica e/o
>>> nel/i
>>> file/s allegato/i sono da considerarsi strettamente riservate. Il loro
>>> utilizzo è consentito esclusivamente al destinatario del messaggio, per
>>> le
>>> finalità indicate nel messaggio stesso. Qualora riceviate questo
>>> messaggio
>>> senza esserne il destinatario, Vi preghiamo cortesemente di darcene
>>> notizia
>>> via e-mail e di procedere alla distruzione del messaggio stesso,
>>> cancellandolo dal Vostro sistema. Conservare il messaggio stesso,
>>> divulgarlo
>>> anche in parte, distribuirlo ad altri soggetti, copiarlo, od utilizzarlo
>>> per
>>> finalità diverse, costituisce comportamento contrario ai principi dettati
>>> dal D.Lgs. 196/2003.
>>>
>>> The information in this message and/or attachments, is intended solely
>>> for
>>> the attention and use of the named addressee(s) and may be confidential
>>> or
>>> proprietary in nature or covered by the provisions of privacy act
>>> (Legislative Decree June, 30 2003, no.196 - Italy's New Data Protection
>>> Code).Any use not in accord with its purpose, any disclosure,
>>> reproduction,
>>> copying, distribution, or either dissemination, either whole or partial,
>>> is
>>> strictly forbidden except previous formal approval of the named
>>> addressee(s). If you are not the intended recipient, please contact
>>> immediately the sender by telephone, fax or e-mail and delete the
>>> information in this message that has been received in error. The sender
>>> does
>>> not give any warranty or accept liability as the content, accuracy or
>>> completeness of sent messages and accepts no responsibility  for changes
>>> made after they were sent or for other risks which arise as a result of
>>> e-mail transmission, viruses, etc.
>>>
>>>
>>>
>>> _______________________________________________
>>> Board mailing list
>>> Board at lists.osgeo.org
>>> https://lists.osgeo.org/mailman/listinfo/board
>>>
>>
>>
>>
>> _______________________________________________
> Board mailing list
> Board at lists.osgeo.org
> https://lists.osgeo.org/mailman/listinfo/board
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.osgeo.org/pipermail/board/attachments/20170731/7fba3649/attachment.htm>

More information about the Board mailing list