[aur-general] We've got a spam issue in our AUR
johannes at kyriasis.com
Mon Jul 13 19:43:25 UTC 2015
On 12/07, Ido Rosen wrote:
>On Sun, Jul 12, 2015 at 2:24 PM, Lukas Fleischer
><lfleischer at archlinux.org> wrote:
>> On Sun, 12 Jul 2015 at 18:25:47, Andrejs Mivreņiks wrote:
>>> Suspending the account is good, though what about messages? Are they
>>> going to be removed? Also there is totally no spam protection that I know of at
>>> this moment in AUR, at some point it might turn out to be a bigger problem than
>>> that today.
>> I deleted all 15 comments the user posted. Given that only a very low
>> number of packages were affected, I suspect that he copy-pasted the
>> message manually. There is really nothing we can do about that (apart
>> from disabling comments)...
>I'm not sure if this is worthwhile, but:
>https://pypi.python.org/pypi/django-bogofilter/0.1 (example of
>integrating bogofilter to forum comments in Django/Python)
>We could add this email-style spam filtering (using bogofilter or any
>similar package), and make comments that fail it have to use a
>CAPTCHA? Or just make all comments require a CAPTCHA. Or a "report
>spam" link for comments.
>Another thought for improving comments might be to implement
Not all spam is automated , so just requiring a CAPTCHA wouldn't be very
useful. I think a slightly better approach would be to add the comment
to a queue if it fails the spam filter, and require a TU to approve it.
PGP Key ID: 0x50FB9B273A9D0BB5
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 1495 bytes
Desc: not available
More information about the aur-general