[SAC] Fwd: [osgeo4w-dev] [osgeo4w] #495: !!*!18443075701!*!! BROTHER printer t.o.l.l f.r.e.e n.u.m.b.e.r u.s.a.

Alex M tech_dev at wildintellect.com
Tue May 3 11:58:40 PDT 2016


On 05/03/2016 02:03 PM, Sandro Santilli wrote:
> On Tue, May 03, 2016 at 01:48:39PM -0400, Alex M wrote:
>> Looks like it's hitting osgeo4w trac now too.
> 
> proj4js is also being hit.
> 
>> Should we temporarily disable all wiki and ticket creation on all trac
>> instances while we clean out accounts?
> 
> I think we just need a faster way to block LDAP accounts.
> Disabling all edits won't tell us much about who the spammer are.
> 
> 'ravi' is a new one, I just added it (but those already reported
> are still hitting too).
> 
> --strk;
> 

Well ideally we would honeypot or generate a report of likely spam
accounts, and process them on a schedule to eliminate bad accounts via
some code, cron etc...

My disabling of editing it just to avoid the mass email traffic that
ticket spamming is now causing (I suppose I can just disable ticket
creation, wiki edits don't cause emails), not a long term fix. I still
have no idea if the accounts are new or not (and don't know how to get
that information from LDAP) to know if the Recaptcha is working.

Next step seems to be https://trac.edgewall.org/wiki/SpamFilter

Also maybe we could dissallow titles longer than a certain length which
seems to always be spam. Or titles that don't start with alphanum, etc...

Thanks,
Alex


More information about the Sac mailing list