Using Bugzilla to hide spam sites
Aaron Trevena
aaron.trevena at gmail.com
Mon May 14 11:38:19 UTC 2007
On 14/05/07, Julien BETI <julien.beti at free.fr> wrote:
> Checking the attachment content will be somehow very difficult to
> implement, that's for sure.
Definately - that's an arms race you can't win, only mitigate the damage from.
You can raise the bar a bit for comments that look like spam - I've
seen that done in blogs and wikis, but again that's another arms race.
> But as the user have to be logged in to
> attach files, and my opinion is that perhaps the good idea is to
> enforce the subscription process, either with randomly generated numbers
> in human-only generated images, to prevent automatic account creation.
> E-mail address checking process can be a good idea also. Maybe both ;)
I've actually come accross several capchas that were broken - they are
also a pain for the disabled unless you provide an alernative which is
non-trivial.
Email confirmation should be an easy win, but even that's not a
watertight defence.
The best solution may be social - medievel style outlawing of spammers.. ;)
A.
--
http://www.aarontrevena.co.uk
LAMP System Integration, Development and Hosting
More information about the developers
mailing list