From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (qmail 97040 invoked by alias); 10 Aug 2016 12:33:11 -0000 Mailing-List: contact overseers-help@sourceware.org; run by ezmlm Precedence: bulk List-Id: List-Archive: List-Post: List-Help: , Sender: overseers-owner@sourceware.org Received: (qmail 92860 invoked by uid 48); 10 Aug 2016 12:32:56 -0000 From: "LpSolit at netscape dot net" To: overseers@gcc.gnu.org Subject: [Bug web/72856] Trottle bug creation for newly created accounts (to limit spam) Date: Wed, 10 Aug 2016 12:33:00 -0000 X-Bugzilla-Reason: CC X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: gcc X-Bugzilla-Component: web X-Bugzilla-Version: unknown X-Bugzilla-Keywords: X-Bugzilla-Severity: enhancement X-Bugzilla-Who: LpSolit at netscape dot net X-Bugzilla-Status: ASSIGNED X-Bugzilla-Resolution: X-Bugzilla-Priority: P3 X-Bugzilla-Assigned-To: LpSolit at netscape dot net X-Bugzilla-Target-Milestone: --- X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: http://gcc.gnu.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-SW-Source: 2016-q3/txt/msg00042.txt.bz2 https://gcc.gnu.org/bugzilla/show_bug.cgi?id=3D72856 --- Comment #5 from Fr=C3=A9d=C3=A9ric Buclin = --- (In reply to Gerald Pfeifer from comment #2) > As for rate throttling, how about only allowing for a single bug=20 > report per day until a bug report has been "processed" Isn't one bug per day a bit rude for legit users? I would be tempted to say that above 2 or 3 new bug reports, it's reasonable to question if the user = is trying to spam Bugzilla or not. This is why I made the proposal in comment = 0 to use something exponential. This would give us something like: 3**n-1 5**n =3D=3D=3D=3D=3D=3D =3D=3D=3D=3D T0 : account created T0 : account created T0 : 1st bug created T0+1min : 1st bug created T0+2min : 2nd bug created T0+6min : 2nd bug created T0+10min: 3rd bug created T0+31min: 3rd bug created T0+36min: 4th bug created T0+2.5h : 4th bug created T0+2h : 5th bug created T0+13h : 5th bug created T0+6h : 6th bug created T0+65h : 6th bug created T0+18h : 7th bug created etc... T0+55h : 8th bug created etc... So a spammer could file at most 6-8 bugs in a week, but a legit user could still easily file his first 2-3 bugs in a half hour. Of course, this rate l= imit would only apply to users without editbugs privileges, so e.g. @gcc.gnu.org accounts would not be affected. --=20 You are receiving this mail because: You are on the CC list for the bug.