Using Bugzilla to hide spam sites

Julien BETI julien.beti at
Mon May 14 11:20:18 UTC 2007

Checking the attachment content will be somehow very difficult to 
implement, that's for sure. But as the user have to be logged in to 
attach files, and my opinion is  that perhaps the good idea is to 
enforce the subscription process, either with randomly generated numbers 
in human-only generated images, to prevent automatic account creation. 
E-mail address checking process can be a good idea also. Maybe both ;)

On 14/05/07 13:14, Teemu Mannermaa wrote:
> On 14.05.2007 13:43, Gervase Markham wrote:
>> I just had the below spam comment posted to my blog. It struck my eye 
>> because the URL is a Bugzilla attachment URL.
> Yeah, I have seen this problem reported before. Bmo was just hit with 
> such attachment a while ago (which justdave deleted promptly) and there 
> was a bug opened about this issue. See 
> for details.
>> I'm not sure there's much we can do about this. The spammer obviously 
> That was my thought exactly. I'm not sure what can be done about this 
> issue short of preventing HTML attachments or start parsing and 
> stripping bad code from them before showing.
> It does look like this problem is been exploited extensively. :(

La route est longue, mais la voie est libre...

More information about the developers mailing list