[Board] Have the OSGeo mail servers been compromised?
neteler at osgeo.org
Mon Jul 31 11:06:29 PDT 2017
Please analyse the mail headers to really understand from which mail server
these messages were sent.
Markus (on mobile only at time)
On Jul 31, 2017 8:03 PM, "Jeff McKenna" <jmckenna at gatewaygeomatics.com>
> I noticed a similar message on the OSGeo-Africa list, supposedly sent by
> Gavin (not an @osgeo.org account): https://lists.osgeo.org/piperm
> On 2017-07-31 2:44 PM, Jorge Sanz wrote:
>> I'm receiving some mailman rejection notices from announce and
>> belgium, but many others accepted (even they ended up in my spam
>> For example, there is a message sent on my behalf to the Argentina
>> list: https://lists.osgeo.org/pipermail/argentina/2017-July/002322.html
>> Looks like it's related with the aliases system that we use like mine
>> "jsanz at osgeo.org"
>> Attaching screenshot and adding in CC the SAC list.
>> On 31 July 2017 at 19:31, Andrea Aime <andrea.aime at geo-solutions.it>
>>> I just received three mails from apparently legit mail addresses, Frank
>>> Jeff and Arnulf,
>>> all reporting a Amazon security issue and asking me to connect to some
>>> well made fake amazon site to verify my credentials. The title is
>>> Notice To All Amazon Customers"
>>> and they were all sent to the board list.
>>> I don't think the people involved have all been compromised at the same
>>> time, it seems
>>> more likely that OSGeo mail servers where hacked, or something similar...
>>> The interesting bit is that since I know those people, the messages did
>>> get into the
>>> spam folder. Don't trust those mails!
>>> Andrea Aime
>>> GeoServer Professional Services from the experts! Visit
>>> for more information.
>>> Ing. Andrea Aime
>>> Technical Lead
>>> GeoSolutions S.A.S.
>>> Via di Montramito 3/A
>>> 55054 Massarosa (LU)
>>> phone: +39 0584 962313
>>> fax: +39 0584 1660272
>>> mob: +39 339 8844549
>>> AVVERTENZE AI SENSI DEL D.Lgs. 196/2003
>>> Le informazioni contenute in questo messaggio di posta elettronica e/o
>>> file/s allegato/i sono da considerarsi strettamente riservate. Il loro
>>> utilizzo è consentito esclusivamente al destinatario del messaggio, per
>>> finalità indicate nel messaggio stesso. Qualora riceviate questo
>>> senza esserne il destinatario, Vi preghiamo cortesemente di darcene
>>> via e-mail e di procedere alla distruzione del messaggio stesso,
>>> cancellandolo dal Vostro sistema. Conservare il messaggio stesso,
>>> anche in parte, distribuirlo ad altri soggetti, copiarlo, od utilizzarlo
>>> finalità diverse, costituisce comportamento contrario ai principi dettati
>>> dal D.Lgs. 196/2003.
>>> The information in this message and/or attachments, is intended solely
>>> the attention and use of the named addressee(s) and may be confidential
>>> proprietary in nature or covered by the provisions of privacy act
>>> (Legislative Decree June, 30 2003, no.196 - Italy's New Data Protection
>>> Code).Any use not in accord with its purpose, any disclosure,
>>> copying, distribution, or either dissemination, either whole or partial,
>>> strictly forbidden except previous formal approval of the named
>>> addressee(s). If you are not the intended recipient, please contact
>>> immediately the sender by telephone, fax or e-mail and delete the
>>> information in this message that has been received in error. The sender
>>> not give any warranty or accept liability as the content, accuracy or
>>> completeness of sent messages and accepts no responsibility for changes
>>> made after they were sent or for other risks which arise as a result of
>>> e-mail transmission, viruses, etc.
>>> Board mailing list
>>> Board at lists.osgeo.org
> Board mailing list
> Board at lists.osgeo.org
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Board