On Sun, 12 Jul 2015 at 17:54:10, Daniel Micay wrote:
On 12/07/15 11:24 AM, Andrejs Mivreņiks wrote:
Hi,
The user instmania[1] has posted spam links in the comments section of almost every recently updated package. For example [2]
[1] https://aur4.archlinux.org/account/instmania/ [2] https://aur4.archlinux.org/packages/warthunder/
I submitted a patch to remove the incentive to do this:
https://lists.archlinux.org/pipermail/aur-dev/2015-July/003608.html
It would be nice to implement the registration question we have on the forums and wiki too.
We introduced a similar (even harder and quickly changing) question the last time we had issues with a spam bot. It didn't help, the spammer revamped his bot within a couple of minutes, see [1]. Our next countermeasure was to require email confirmations on registration (and preventing the same email address from being used twice) which worked fine. Obviously, all that doesn't help when a human registers himself. The only additional thing I can think of is some flood control mechanism which does not fix the problem itself but helps reducing the degree of damage... [1] https://lists.archlinux.org/pipermail/aur-dev/2013-March/002438.html