On 12/07, Ido Rosen wrote:
On Sun, Jul 12, 2015 at 2:24 PM, Lukas Fleischer <lfleischer@archlinux.org> wrote:
On Sun, 12 Jul 2015 at 18:25:47, Andrejs Mivreņiks wrote:
Hi,
Suspending the account is good, though what about messages? Are they going to be removed? Also there is totally no spam protection that I know of at this moment in AUR, at some point it might turn out to be a bigger problem than that today. [...]
I deleted all 15 comments the user posted. Given that only a very low number of packages were affected, I suspect that he copy-pasted the message manually. There is really nothing we can do about that (apart from disabling comments)...
I'm not sure if this is worthwhile, but:
http://bogofilter.sourceforge.net/ https://pypi.python.org/pypi/django-bogofilter/0.1 (example of integrating bogofilter to forum comments in Django/Python)
We could add this email-style spam filtering (using bogofilter or any similar package), and make comments that fail it have to use a CAPTCHA? Or just make all comments require a CAPTCHA. Or a "report spam" link for comments.
Another thought for improving comments might be to implement reddit-style upvoting/downvoting.
Not all spam is automated , so just requiring a CAPTCHA wouldn't be very useful. I think a slightly better approach would be to add the comment to a queue if it fails the spam filter, and require a TU to approve it. -- Sincerely, Johannes Löthberg PGP Key ID: 0x50FB9B273A9D0BB5 https://theos.kyriasis.com/~kyrias/