On Thu, Jul 21, 2005 at 11:25:09AM -0400, Yaroslav Halchenko wrote: > > The only reason it is easy for spammers to close a bug is that the bug > > has been already closed before (and reopened again) and the spammers > > have harvested the -done address for that bug from the web pages. > A very valid point... I took the task more general - to infiltrate bug > reports (and may be give ideas for even mailing lists) from SPAM. > crawlers get all BUGID@bugs emails and then bug reports get spammed as > well as the relevant dudes. > > BTW - why it has to be "iff" scheme - why it can't be a pipeline > > if signed with a valid GPG signature -- permit > else > if spamassassin gives negative score -- permit > else > send a verification letter > > Indeed - it is more load on the server but 1st step doesn't require much > of load, mostly waiting time for the transaction. We would get to > spamassassin quite rarely if most of people (and DD) start signing their > submissions, and 3rd one will hit with probably 1% false positives... > Sending verification letters like that is a rather bad idea. We're talking in the 10,000 to 100,000 verification emails a day here. Pasc -- Pascal Hakim 0403 411 672 Do Not Bend
Attachment:
signature.asc
Description: Digital signature