Red Hat Bugzilla – Bug 486766
Bugzilla makes it too easy for spammers
Last modified: 2014-10-12 18:46:00 EDT
Description of problem:
To harvest email addresses all a spammer need do is subscribe to various bug reports and just wait until Bugzilla send some email addresses.
Version-Release number of selected component (if applicable):
Steps to Reproduce:
1. add a comment or file a new big report
2. wait a few days
Spam, spam, and more spam.
There should be a simple option to prevent one's actual email address from being visible to other registered bugzilla users.
Pls change "big report" to "bug report".
We do not currently show the email address now unless the user is logged into a valid bugzilla account.
*** This bug has been marked as a duplicate of bug 447765 ***
This bug is NOT a duplicate of 447765. That bug relates only to anonymous viewers of bug reports. The problem is registered users whose computers are either virus-ridden or users whose intent is malicious.
There is no need to EVER show ANY user's email address. All communication should be directed via bugzilla without ever revealing any email adress.
This will not change. When you signed up to Bugzilla there was a message: "PRIVACY NOTICE: Red Hat Bugzilla is an open bug tracking system. Activity on most bugs, including email addresses, will be visible to the public. We recommend using a secondary account or free web email service (such as Gmail, Yahoo, Hotmail, or similar) to avoid receiving spam at your primary email address."