Skip to Content.
Sympa Menu

cacert-devel - RE: Auditing/fighting abuse of CAcert systems in regard of adding domain/email addresses (a20100527.1)

Subject: CAcert Code Development list.

List archive

RE: Auditing/fighting abuse of CAcert systems in regard of adding domain/email addresses (a20100527.1)


Chronological Thread 
  • From: <ulrich AT cacert.org>
  • To: "'Mario Lipinski'" <mario AT cacert.org>, <cacert-devel AT lists.cacert.org>
  • Subject: RE: Auditing/fighting abuse of CAcert systems in regard of adding domain/email addresses (a20100527.1)
  • Date: Tue, 13 Jul 2010 16:45:56 +0200
  • Authentication-results: lists.cacert.org; dkim=pass (1024-bit key) header.i= AT cacert.org; dkim-asp=none
  • Importance: Normal

> -----Original Message-----
> From: Mario Lipinski 
> [mailto:mario AT cacert.org]
>  
> Sent: Tuesday, July 13, 2010 12:47 PM

> Hi developers,

> working on the above mentioned arbitration I came about the topic
> how to handle abuse of the CAcert systems in regard of adding
> domain/email addresses. This means a user adding a domain or email
> address he is not authorized to add and the ping test is subject to
fail.

> Questions about current status: The support team only has access to
> information about domains/email addresses for which the period to
> answer the ping has not expired. Are these kept for a longer time
> in the database? When are they deleted? What is deleted?

The process on ping tests for adding email addresses and/or domains
is 2 folded.

First is to add 
1. for domain pings
   to table 'domains' the domain name and a hash key
2. for email pings
   to table 'email' the email address and a hash key

Then there is a background process, who deletes records
with timestamp differences >= 172800 (sec) => 48 hours = 2 days
see sourcecode /scripts/removedead.php

        $query = "delete from `domains` where `hash`!='' and
                        (UNIX_TIMESTAMP(NOW()) -
UNIX_TIMESTAMP(`created`)) >= 172800";
        mysql_query($query);

        $query = "delete from `email` where `hash`!='' and
                        (UNIX_TIMESTAMP(NOW()) -
UNIX_TIMESTAMP(`created`)) >= 172800";
        mysql_query($query);

There are also other maintenance tasks in this script ...

The testserver image includes a cron table of jobs:
# m h dom mon dow
 17 *  *   *   *           hourly
 25 6  *   *   *           daily
 47 6  *   *   7           weekly
 52 6  1   *   *           monthly

From the Webdb documentation
https://wiki.cacert.org/SystemAdministration/Systems/Webdb
under
https://wiki.cacert.org/SystemAdministration/Systems/Webdb#Cron_jobs
there is the definition:
/home/cacert/www/scripts/removedead.php, to be run every hour 

So it can be assumed, that such an abusive email or domain creation
will be automaticly removed after about 48-49 hours
and therefor any evidence about this abuse gets lost.



-- 
mit freundlichen Gruessen / best regards
Ulrich Schroeter - CAcert Assurance Team Leader, CAcert Case Manager,
CAcert Arbitrator
 
CAcert.org - Free Certificates
E-Mail: 
ulrich AT cacert.org






  

Attachment: smime.p7s
Description: S/MIME cryptographic signature




Archive powered by MHonArc 2.6.16.

Top of Page