I received a fairly commercial mail this morning inviting me to use a Drupal extension that is not hosted on Drupal.org. I noticed that the "Hi ," username token was broken, so I assumed this person was doing it a lot and went looking in the db and found:

mysql> select count(1), from_unixtime(max(timestamp)), from_unixtime(min(timestamp)) from watchdog where type = 'mail' and location like 'https://www.drupal.org/user/%/contact' and uid = REDACTED;
+----------+-------------------------------+-------------------------------+
| count(1) | from_unixtime(max(timestamp)) | from_unixtime(min(timestamp)) |
+----------+-------------------------------+-------------------------------+
|       40 | 2015-08-12 14:05:07           | 2015-08-12 09:13:32           |
+----------+-------------------------------+-------------------------------+
1 row in set (0.00 sec)

mysql>

I think 40 contact form messages is the max possible.

Looking at the full watchdog for this individual the events follow a similar pattern of 10 contact form submissions, getting a 403 while trying to send another mail, pausing for a little over an hour, and then hitting 10 more pages.

I've removed the UID of the account doing this. Not sure what the appropriate way to handle this is.

Comments

greggles created an issue. See original summary.

greggles’s picture

Title: How many automated contact form spams is too many? » How many automated contact form spams is too many? And then what do we do?
dddave’s picture

How many? How about 1? Block the user asap.

greggles’s picture

Title: How many automated contact form spams is too many? And then what do we do? » How many automated contact form promotions is too many? And then what do we do?

Spam is more clear cut - this message was vaguely commercial by promoting a plugin and offering free access to a paid service.

dddave’s picture

We are quite strict with unsolicited/unwarranted usage of the contact form. If it is automated I'd say block outright, spam or not. Otherwise contact the user and explain what the contact form is for and for what is it not.

greggles’s picture

Also, I mailed the person back saying their mail seemed inappropriate to me and they've accepted that and stopped.

So...I think this is OK for now.

I mostly wanted to try to get an answer to the question if a mildly spammy message sent 40 times in 4 hours crossed the line.

dddave’s picture

I mostly wanted to try to get an answer to the question if a mildly spammy message sent 40 times in 4 hours crossed the line.

My opinion: unequivocally yes.

WorldFallz’s picture

I would also make a request for transparency.

In all the other issues we've had for similar contact form infractions (it's happened quite a few times over the years), we linked the user in question as well as included a copy of the content of the email. We also invited the user to participate in the issue and go on the record as stating they understand the rules and won't do it again.

Aside from being uncomfortable that this case is being treated differently, it will be impossible for anyone else to know if this user starts up again if they don't who the user is or what the email said.

greggles’s picture

Hi WorldFallz, I appreciate the request.

I don't think it would be appropriate to name the individual in this thread since I've released information from the db that would not normally be available to the public.

I apologize for not following the standard of asking them to reply on a public thread stating they'll follow rules - that's a new process to me, but if I get involved in questionable-post issues again I'll do my best to follow it.

greggles’s picture

Status: Active » Fixed

Forgot to do this status change back in #6.

Status: Fixed » Closed (fixed)

Automatically closed - issue fixed for 2 weeks with no activity.