[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Reopening bug closed due to SPAM

On Thu, Jul 21, 2005 at 11:25:09AM -0400, Yaroslav Halchenko wrote:
> > The only reason it is easy for spammers to close a bug is that the bug
> > has been already closed before (and reopened again) and the spammers
> > have harvested the -done address for that bug from the web pages.
> A very valid point... I took the task more general - to infiltrate bug
> reports (and may be give ideas for even mailing lists) from SPAM.
> crawlers get all BUGID@bugs emails and then bug reports get spammed as
> well as the relevant dudes.
> BTW - why it has to be "iff" scheme - why it can't be a pipeline
> if signed with a valid GPG signature -- permit
> else
> if spamassassin gives negative score -- permit
> else
>  send a verification letter
> Indeed - it is more load on the server but 1st step doesn't require much
> of load, mostly waiting time for the transaction. We would get to
> spamassassin quite rarely if most of people (and DD) start signing their
> submissions, and 3rd one will hit with probably 1% false positives...

Sending verification letters like that is a rather bad idea. We're
talking in the 10,000 to 100,000 verification emails a day here.

Pascal Hakim                                       0403 411 672
Do Not Bend

Attachment: signature.asc
Description: Digital signature

Reply to: