[SAC] Re-enable LDAP user creation
Sandro Santilli
strk at keybit.net
Sun May 8 03:34:12 PDT 2016
On Sun, May 08, 2016 at 12:28:12PM +0200, Frank Warmerdam wrote:
> Strk,
>
> It seems I missed some of the discussion in #1665, but I don't really
> see what is hoped to be accomplished. If someone is willing to create
> the accounts with a human then they will also be willing to do email
> confirmation, etc. Basically, we can't really stop humans that want
> to span things.
I don't know the details of what happened either.
Alex reported that users were still being created.
I'm not sure if his query was correct as he's been using
"modify" timestamp rather than "create" timestamp, and
I don't know by which time was the captcha-based mechanism
introduced.
To me, forcing accounts to be created by humans is good enough
for a start. Then we should aim at finding a way to detect
"dormient" users to remove them. For example I found there
are accounts named gmail1 to gmail33, but only gmail1 to gmail8
were found to be sending spam, so far.
--strk;
More information about the Sac
mailing list