Subject: CAcert Code Development list.
List archive
RE: Auditing/fighting abuse of CAcert systems in regard of adding domain/email addresses (a20100527.1)
Chronological Thread
- From: <ulrich AT cacert.org>
- To: "'Mario Lipinski'" <mario AT cacert.org>, <cacert-devel AT lists.cacert.org>
- Subject: RE: Auditing/fighting abuse of CAcert systems in regard of adding domain/email addresses (a20100527.1)
- Date: Tue, 13 Jul 2010 16:45:56 +0200
- Authentication-results: lists.cacert.org; dkim=pass (1024-bit key) header.i= AT cacert.org; dkim-asp=none
- Importance: Normal
> -----Original Message-----
> From: Mario Lipinski
> [mailto:mario AT cacert.org]
>
> Sent: Tuesday, July 13, 2010 12:47 PM
> Hi developers,
> working on the above mentioned arbitration I came about the topic
> how to handle abuse of the CAcert systems in regard of adding
> domain/email addresses. This means a user adding a domain or email
> address he is not authorized to add and the ping test is subject to
fail.
> Questions about current status: The support team only has access to
> information about domains/email addresses for which the period to
> answer the ping has not expired. Are these kept for a longer time
> in the database? When are they deleted? What is deleted?
The process on ping tests for adding email addresses and/or domains
is 2 folded.
First is to add
1. for domain pings
to table 'domains' the domain name and a hash key
2. for email pings
to table 'email' the email address and a hash key
Then there is a background process, who deletes records
with timestamp differences >= 172800 (sec) => 48 hours = 2 days
see sourcecode /scripts/removedead.php
$query = "delete from `domains` where `hash`!='' and
(UNIX_TIMESTAMP(NOW()) -
UNIX_TIMESTAMP(`created`)) >= 172800";
mysql_query($query);
$query = "delete from `email` where `hash`!='' and
(UNIX_TIMESTAMP(NOW()) -
UNIX_TIMESTAMP(`created`)) >= 172800";
mysql_query($query);
There are also other maintenance tasks in this script ...
The testserver image includes a cron table of jobs:
# m h dom mon dow
17 * * * * hourly
25 6 * * * daily
47 6 * * 7 weekly
52 6 1 * * monthly
From the Webdb documentation
https://wiki.cacert.org/SystemAdministration/Systems/Webdb
under
https://wiki.cacert.org/SystemAdministration/Systems/Webdb#Cron_jobs
there is the definition:
/home/cacert/www/scripts/removedead.php, to be run every hour
So it can be assumed, that such an abusive email or domain creation
will be automaticly removed after about 48-49 hours
and therefor any evidence about this abuse gets lost.
--
mit freundlichen Gruessen / best regards
Ulrich Schroeter - CAcert Assurance Team Leader, CAcert Case Manager,
CAcert Arbitrator
CAcert.org - Free Certificates
E-Mail:
ulrich AT cacert.org
Attachment:
smime.p7s
Description: S/MIME cryptographic signature
- Auditing/fighting abuse of CAcert systems in regard of adding domain/email addresses (a20100527.1), Mario Lipinski, 07/13/2010
- RE: Auditing/fighting abuse of CAcert systems in regard of adding domain/email addresses (a20100527.1), ulrich, 07/13/2010
- Re: Auditing/fighting abuse of CAcert systems in regard of adding domain/email addresses (a20100527.1), Ian G, 07/14/2010
- Re: Auditing/fighting abuse of CAcert systems in regard of adding domain/email addresses (a20100527.1), Mario Lipinski, 07/20/2010
- Re: Auditing/fighting abuse of CAcert systems in regard of adding domain/email addresses (a20100527.1), Mario Lipinski, 07/20/2010
Archive powered by MHonArc 2.6.16.