* [Bug web/72856] New: Trottle bug creation for newly created accounts (to limit spam)
@ 2016-08-10 2:43 LpSolit at netscape dot net
2016-08-10 2:44 ` [Bug web/72856] " LpSolit at netscape dot net
` (11 more replies)
0 siblings, 12 replies; 13+ messages in thread
From: LpSolit at netscape dot net @ 2016-08-10 2:43 UTC (permalink / raw)
To: overseers
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=72856
Bug ID: 72856
Summary: Trottle bug creation for newly created accounts (to
limit spam)
Product: gcc
Version: unknown
Status: UNCONFIRMED
Severity: enhancement
Priority: P3
Component: web
Assignee: LpSolit at netscape dot net
Reporter: LpSolit at netscape dot net
CC: fche at redhat dot com, overseers at gcc dot gnu.org
Target Milestone: ---
GCC Bugzilla suffered vandalism again between July 25 and 27. 709 spam bugs
have been filed during this 48 hours window. 103 different email addresses have
been used to avoid being blocked too quickly. This gives a ratio on average of
7 spam per account.
For the record, moving a bug into the 'spam' component and marking it as
INVALID automatically disables the user account of the spammer. But this gives
a plenty of time to spammers to file new bugs till a triager closes spam as
INVALID. So I think we should limit the rate at which new accounts can file new
bugs. In the table below, we can see that several spammers managed to file
several tens of spam in a row, so trottling bug creation for them would have
helped a bit.
mysql> select count(*) as nb_spam, login_name as spammer, newvalue as
creation_time from bugs inner join profiles on profiles.userid = reporter inner
join profiles_activity on profiles_activity.userid = reporter where
component_id = (select id from components where name = 'spam') and creation_ts
> '2016-07-20' and creation_ts < '2016-07-31' and fieldid = (select id from
fielddefs where name = 'creation_ts') group by reporter order by nb_spam desc;
+---------+-------------------------------------------+---------------------+
| nb_spam | spammer | creation_time |
+---------+-------------------------------------------+---------------------+
| 55 | andrusmith20163@gmail.com | 2016-07-25 21:39:09 |
| 51 | vvw@a.ahcainc.com | 2016-07-26 04:50:31 |
| 41 | satyamsingh168@yahoo.com | 2016-07-25 20:59:20 |
| 30 | kethyjelly@yopmail.com | 2016-07-25 20:53:31 |
| 28 | clarkally128@gmail.com | 2016-07-25 23:12:26 |
| 27 | boltanwelly@gmail.com | 2016-07-25 20:55:21 |
| 26 | loveubaby@yopmail.com | 2016-07-25 22:10:41 |
| 25 | shobhitgargniet@gmail.com | 2016-07-25 21:00:17 |
| 22 | rpaul9596@gmail.com | 2016-07-26 05:17:48 |
| 18 | rassules11@gmail.com | 2016-07-26 11:18:55 |
| 16 | rocksmith2143@gmail.com | 2016-07-25 20:46:22 |
| 16 | ckattyperry@gmail.com | 2016-07-26 10:37:12 |
| 15 | Wout1930@armyspy.com | 2016-07-25 20:45:15 |
| 15 | vipin01kumar2012@gmail.com | 2016-07-25 22:04:10 |
| 14 | zzqr@tm.tosunkaya.com | 2016-07-26 00:27:57 |
| 13 | 45aaoa+2iao75mo6pqv1c33b8@sharklasers.com | 2016-07-25 20:27:28 |
| 13 | adcss@dayrep.com | 2016-07-25 20:45:33 |
| 13 | ishiboy2@codehot.co.uk | 2016-07-25 22:06:34 |
| 11 | vbgjgh@yopmail.com | 2016-07-25 20:41:27 |
| 10 | harharmahadev@yopmail.com | 2016-07-25 20:01:14 |
| 10 | rajdsky10@gmail.com | 2016-07-25 22:54:02 |
| 9 | teresadoris41@gmail.com | 2016-07-25 20:41:57 |
| 9 | pqrt@ze.gally.jp | 2016-07-25 22:04:28 |
| 9 | bkattyperry@gmail.com | 2016-07-26 10:36:32 |
| 8 | hs851446@gmail.com | 2016-07-25 21:06:15 |
| 8 | sunnyhooda76@gmail.com | 2016-07-25 21:06:05 |
| 8 | Sagat1987@superrito.com | 2016-07-25 21:36:56 |
| 8 | ram307338@gmail.com | 2016-07-25 22:04:25 |
| 7 | 45a7cj+pc1auass999c@sharklasers.com | 2016-07-25 20:50:36 |
| 7 | Logne1973@cuvox.de | 2016-07-25 21:43:45 |
| 7 | johnhuff31@yopmail.com | 2016-07-26 05:20:39 |
| 7 | inlr@we.wallm.com | 2016-07-26 09:18:41 |
| 7 | joanann0@uw5t6ds54.com | 2016-07-26 12:22:05 |
| 6 | threas1938@jourrapide.com | 2016-07-26 11:43:02 |
| 5 | ramu.sara1000017@gmail.com | 2016-07-26 07:40:03 |
| 5 | avamonw@gmail.com | 2016-07-26 10:06:27 |
| 4 | rachitakumari522@gmail.com | 2016-07-25 20:46:30 |
| 4 | techbrothers2016@gmail.com | 2016-07-25 22:17:38 |
| 4 | giqr@barryogorman.com | 2016-07-26 09:38:55 |
| 4 | dlaf1j2u.qyp@20email.eu | 2016-07-26 10:38:21 |
| 4 | una@c.cynaver.com | 2016-07-26 11:28:23 |
| 4 | andrusmith20168@gmail.com | 2016-07-26 00:33:43 |
| 3 | yt5scljm.uoq@20email.eu | 2016-07-25 20:55:26 |
| 3 | ankurcoe22@gmail.com | 2016-07-25 21:23:06 |
| 3 | akattyperry@gmail.com | 2016-07-26 08:51:01 |
| 3 | adnj@maildx.com | 2016-07-26 09:04:00 |
| 3 | vsmr@er.fr.to | 2016-07-26 09:13:02 |
| 3 | larrypage001526@gmail.com | 2016-07-26 10:29:07 |
| 3 | gkattyperry@gmail.com | 2016-07-26 10:40:46 |
| 3 | ahay5o2t.bls@20email.eu | 2016-07-26 11:31:55 |
| 3 | jorjbally@gmail.com | 2016-07-26 11:33:40 |
| 3 | lilac18@uw5t6ds54.com | 2016-07-26 12:38:24 |
| 3 | evwztvei.w0k@20email.eu | 2016-07-26 12:48:30 |
| 3 | tovah95@uw5t6ds54.com | 2016-07-26 12:50:57 |
| 2 | ffkattyperry@gmail.com | 2016-07-25 20:54:56 |
| 2 | amarniket17@gmail.com | 2016-07-25 21:02:09 |
| 2 | abigaillogan62@gmail.com | 2016-07-25 22:08:08 |
| 2 | intelomedia03@gmail.com | 2016-07-25 22:29:25 |
| 2 | jhon12wirte@gmail.com | 2016-07-25 23:00:33 |
| 2 | deik.slpk458@gmail.com | 2016-07-26 00:16:41 |
| 2 | ranjetn852@gmail.com | 2016-07-26 04:13:26 |
| 2 | stalkonq@gmail.com | 2016-07-26 09:15:48 |
| 2 | pandaranjan247@gmail.com | 2016-07-26 09:15:25 |
| 2 | veroncia5@uw5t6ds54.com | 2016-07-26 10:11:56 |
| 2 | kevinlewis760@gmail.com | 2016-07-26 10:18:31 |
| 2 | f931569@mvrht.com | 2016-07-26 11:11:49 |
| 2 | x2mspjb4.scv@20email.eu | 2016-07-26 11:13:04 |
| 2 | 5rio2y1n.5mw@20email.eu | 2016-07-26 11:24:57 |
| 2 | qsmr@qs.grish.de | 2016-07-26 11:35:17 |
| 2 | ygnulgim.0d0@20email.eu | 2016-07-26 11:46:23 |
| 2 | 5pwwdbqr.k54@20email.eu | 2016-07-26 11:55:26 |
| 2 | lesa.smith212@gmail.com | 2016-07-26 11:56:39 |
| 2 | seinamillarhelp@gmail.com | 2016-07-26 12:18:15 |
| 2 | 0dlu2wpq.3bl@20email.eu | 2016-07-26 12:26:29 |
| 2 | mqebsuzf.0wp@20email.eu | 2016-07-26 12:35:00 |
| 1 | maine@yopmail.com | 2016-07-25 20:59:20 |
| 1 | stephangranado3@gmail.com | 2016-07-25 22:28:51 |
| 1 | sahil69@yopmail.com | 2016-07-25 22:55:44 |
| 1 | noidaup8@gmail.com | 2016-07-25 23:01:51 |
| 1 | tanudurrmat@gmail.com | 2016-07-26 00:17:33 |
| 1 | jacksftt@gmail.com | 2016-07-26 09:18:01 |
| 1 | janette75@uw5t6ds54.com | 2016-07-26 09:52:59 |
| 1 | skyphelpline@gmail.com | 2016-07-26 10:12:31 |
| 1 | whcpvgyg.rjz@20email.eu | 2016-07-26 10:27:26 |
| 1 | oxvmmus5.il5@20email.eu | 2016-07-26 10:32:46 |
| 1 | ifzv0va3.m0y@20email.eu | 2016-07-26 10:54:58 |
| 1 | w5lkox3p.ado@20email.eu | 2016-07-26 11:03:48 |
| 1 | antivirusshelplinenumber5526@gmail.com | 2016-07-26 11:13:51 |
| 1 | davidwarner1369@gmail.com | 2016-07-26 11:16:57 |
| 1 | nidhimishra@codehot.co.uk | 2016-07-26 11:20:36 |
| 1 | lisa.thomas22345@gmail.com | 2016-07-26 11:50:30 |
| 1 | smithmartin919@gmail.com | 2016-07-26 11:56:08 |
| 1 | monti.carlo879@gmail.com | 2016-07-26 12:00:31 |
| 1 | lisa.smith5555555@gmail.com | 2016-07-26 12:06:38 |
| 1 | 5f0rfifp.i2x@20email.eu | 2016-07-26 12:06:28 |
| 1 | burnet62@uw5t6ds54.com | 2016-07-26 12:12:25 |
| 1 | andrusmith201620@gmail.com | 2016-07-26 12:15:16 |
| 1 | teagreen80@uw5t6ds54.com | 2016-07-26 12:15:43 |
| 1 | andrusmith20164@gmail.com | 2016-07-26 00:26:58 |
| 1 | ramu.sara100006@gmail.com | 2016-07-26 12:31:21 |
| 1 | andrusmith20166@gmail.com | 2016-07-26 00:30:44 |
| 1 | andrusmith20167@gmail.com | 2016-07-26 00:31:56 |
| 1 | andrusmith20169@gmail.com | 2016-07-26 00:35:19 |
+---------+-------------------------------------------+---------------------+
103 rows in set (0.01 sec)
Anyone has a good suggestion for the rate limit? Probably something
exponential, so that new legit users can still file a bug or two, but then
expand the delay before being allowed to file the next bug and so on. Something
like:
$minutes_till_next_bug_report = 3**$number_of_already_reported_bugs - 1;
What do you think?
--
You are receiving this mail because:
You are on the CC list for the bug.
^ permalink raw reply [flat|nested] 13+ messages in thread
* [Bug web/72856] Trottle bug creation for newly created accounts (to limit spam)
2016-08-10 2:43 [Bug web/72856] New: Trottle bug creation for newly created accounts (to limit spam) LpSolit at netscape dot net
@ 2016-08-10 2:44 ` LpSolit at netscape dot net
2016-08-10 5:50 ` trippels at gcc dot gnu.org
` (10 subsequent siblings)
11 siblings, 0 replies; 13+ messages in thread
From: LpSolit at netscape dot net @ 2016-08-10 2:44 UTC (permalink / raw)
To: overseers
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=72856
Frédéric Buclin <LpSolit at netscape dot net> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|UNCONFIRMED |ASSIGNED
Last reconfirmed| |2016-08-10
Ever confirmed|0 |1
--
You are receiving this mail because:
You are on the CC list for the bug.
^ permalink raw reply [flat|nested] 13+ messages in thread
* [Bug web/72856] Trottle bug creation for newly created accounts (to limit spam)
2016-08-10 2:43 [Bug web/72856] New: Trottle bug creation for newly created accounts (to limit spam) LpSolit at netscape dot net
2016-08-10 2:44 ` [Bug web/72856] " LpSolit at netscape dot net
@ 2016-08-10 5:50 ` trippels at gcc dot gnu.org
2016-08-10 8:33 ` gerald at pfeifer dot com
` (9 subsequent siblings)
11 siblings, 0 replies; 13+ messages in thread
From: trippels at gcc dot gnu.org @ 2016-08-10 5:50 UTC (permalink / raw)
To: overseers
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=72856
Markus Trippelsdorf <trippels at gcc dot gnu.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |trippels at gcc dot gnu.org
--- Comment #1 from Markus Trippelsdorf <trippels at gcc dot gnu.org> ---
> GCC Bugzilla suffered vandalism again between July 25 and 27. 709 spam bugs have been filed during this 48 hours window.
All of these would have been easily detected by a simple Bayes spam filter.
So why not run all new bugs and all new comments thru one?
--
You are receiving this mail because:
You are on the CC list for the bug.
^ permalink raw reply [flat|nested] 13+ messages in thread
* [Bug web/72856] Trottle bug creation for newly created accounts (to limit spam)
2016-08-10 2:43 [Bug web/72856] New: Trottle bug creation for newly created accounts (to limit spam) LpSolit at netscape dot net
2016-08-10 2:44 ` [Bug web/72856] " LpSolit at netscape dot net
2016-08-10 5:50 ` trippels at gcc dot gnu.org
@ 2016-08-10 8:33 ` gerald at pfeifer dot com
2016-08-10 11:46 ` manu at gcc dot gnu.org
` (8 subsequent siblings)
11 siblings, 0 replies; 13+ messages in thread
From: gerald at pfeifer dot com @ 2016-08-10 8:33 UTC (permalink / raw)
To: overseers
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=72856
Gerald Pfeifer <gerald at pfeifer dot com> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |gerald at pfeifer dot com
--- Comment #2 from Gerald Pfeifer <gerald at pfeifer dot com> ---
Thanks for looking into this, Frédéric!
As for rate throttling, how about only allowing for a single bug
report per day until a bug report has been "processed" (for some
suitable definition of "processed" - perhaps even any action that
is different from simply marking it as spam)?
--
You are receiving this mail because:
You are on the CC list for the bug.
^ permalink raw reply [flat|nested] 13+ messages in thread
* [Bug web/72856] Trottle bug creation for newly created accounts (to limit spam)
2016-08-10 2:43 [Bug web/72856] New: Trottle bug creation for newly created accounts (to limit spam) LpSolit at netscape dot net
` (2 preceding siblings ...)
2016-08-10 8:33 ` gerald at pfeifer dot com
@ 2016-08-10 11:46 ` manu at gcc dot gnu.org
2016-08-10 12:04 ` LpSolit at netscape dot net
` (7 subsequent siblings)
11 siblings, 0 replies; 13+ messages in thread
From: manu at gcc dot gnu.org @ 2016-08-10 11:46 UTC (permalink / raw)
To: overseers
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=72856
Manuel López-Ibáñez <manu at gcc dot gnu.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |manu at gcc dot gnu.org
--- Comment #3 from Manuel López-Ibáñez <manu at gcc dot gnu.org> ---
(In reply to Frédéric Buclin from comment #0)
> GCC Bugzilla suffered vandalism again between July 25 and 27. 709 spam bugs
> have been filed during this 48 hours window. 103 different email addresses
> have been used to avoid being blocked too quickly. This gives a ratio on
> average of 7 spam per account.
I wonder about the effort required to do such a thing. Some of those emails
seem fake, is there some kind of confirmation email for newly created accounts?
Limiting the number of bug reports per new account seems a good measure, but
also easily circumvented as long as someone can create as many new users as
they wish and each user stays below the limit.
--
You are receiving this mail because:
You are on the CC list for the bug.
^ permalink raw reply [flat|nested] 13+ messages in thread
* [Bug web/72856] Trottle bug creation for newly created accounts (to limit spam)
2016-08-10 2:43 [Bug web/72856] New: Trottle bug creation for newly created accounts (to limit spam) LpSolit at netscape dot net
` (3 preceding siblings ...)
2016-08-10 11:46 ` manu at gcc dot gnu.org
@ 2016-08-10 12:04 ` LpSolit at netscape dot net
2016-08-10 12:33 ` LpSolit at netscape dot net
` (6 subsequent siblings)
11 siblings, 0 replies; 13+ messages in thread
From: LpSolit at netscape dot net @ 2016-08-10 12:04 UTC (permalink / raw)
To: overseers
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=72856
--- Comment #4 from Frédéric Buclin <LpSolit at netscape dot net> ---
(In reply to Manuel López-Ibáñez from comment #3)
> I wonder about the effort required to do such a thing. Some of those emails
> seem fake, is there some kind of confirmation email for newly created
> accounts?
Yes. When a user requests a new account, an email is sent to that email
address, and the user must click on the link which is in the email to confirm
that 1) the email address is valid, and 2) it belongs to the user who wants to
create the bugzilla account. Clicking on this link will display a page where
the user must type his new password, and only after that is the bugzilla
account activated. It is not possible to create bugzilla accounts automatically
using the API (to prevent such problems).
> Limiting the number of bug reports per new account seems a good measure, but
> also easily circumvented as long as someone can create as many new users as
> they wish and each user stays below the limit.
I agree, that's a problem. But I think there isn't one single solution which
fixes all cases, but rather multiple solutions which, when combined together,
can give a reasonable level of spam prevention.
--
You are receiving this mail because:
You are on the CC list for the bug.
^ permalink raw reply [flat|nested] 13+ messages in thread
* [Bug web/72856] Trottle bug creation for newly created accounts (to limit spam)
2016-08-10 2:43 [Bug web/72856] New: Trottle bug creation for newly created accounts (to limit spam) LpSolit at netscape dot net
` (4 preceding siblings ...)
2016-08-10 12:04 ` LpSolit at netscape dot net
@ 2016-08-10 12:33 ` LpSolit at netscape dot net
2016-08-10 12:41 ` fche at redhat dot com
` (5 subsequent siblings)
11 siblings, 0 replies; 13+ messages in thread
From: LpSolit at netscape dot net @ 2016-08-10 12:33 UTC (permalink / raw)
To: overseers
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=72856
--- Comment #5 from Frédéric Buclin <LpSolit at netscape dot net> ---
(In reply to Gerald Pfeifer from comment #2)
> As for rate throttling, how about only allowing for a single bug
> report per day until a bug report has been "processed"
Isn't one bug per day a bit rude for legit users? I would be tempted to say
that above 2 or 3 new bug reports, it's reasonable to question if the user is
trying to spam Bugzilla or not. This is why I made the proposal in comment 0 to
use something exponential. This would give us something like:
3**n-1 5**n
====== ====
T0 : account created T0 : account created
T0 : 1st bug created T0+1min : 1st bug created
T0+2min : 2nd bug created T0+6min : 2nd bug created
T0+10min: 3rd bug created T0+31min: 3rd bug created
T0+36min: 4th bug created T0+2.5h : 4th bug created
T0+2h : 5th bug created T0+13h : 5th bug created
T0+6h : 6th bug created T0+65h : 6th bug created
T0+18h : 7th bug created etc...
T0+55h : 8th bug created
etc...
So a spammer could file at most 6-8 bugs in a week, but a legit user could
still easily file his first 2-3 bugs in a half hour. Of course, this rate limit
would only apply to users without editbugs privileges, so e.g. @gcc.gnu.org
accounts would not be affected.
--
You are receiving this mail because:
You are on the CC list for the bug.
^ permalink raw reply [flat|nested] 13+ messages in thread
* [Bug web/72856] Trottle bug creation for newly created accounts (to limit spam)
2016-08-10 2:43 [Bug web/72856] New: Trottle bug creation for newly created accounts (to limit spam) LpSolit at netscape dot net
` (5 preceding siblings ...)
2016-08-10 12:33 ` LpSolit at netscape dot net
@ 2016-08-10 12:41 ` fche at redhat dot com
2016-08-11 11:58 ` joseph at codesourcery dot com
` (4 subsequent siblings)
11 siblings, 0 replies; 13+ messages in thread
From: fche at redhat dot com @ 2016-08-10 12:41 UTC (permalink / raw)
To: overseers
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=72856
--- Comment #6 from Frank Ch. Eigler <fche at redhat dot com> ---
Per-account rate limits seem so easy to overcome, with spammers already
creating numerous verified junk accounts with ease.
I would suggest focusing on spam-prevention content analysis (spamassassin
style), and post-spam cleanup (blacklisting, history editing, bug hiding?)
efforts.
--
You are receiving this mail because:
You are on the CC list for the bug.
^ permalink raw reply [flat|nested] 13+ messages in thread
* [Bug web/72856] Trottle bug creation for newly created accounts (to limit spam)
2016-08-10 2:43 [Bug web/72856] New: Trottle bug creation for newly created accounts (to limit spam) LpSolit at netscape dot net
` (6 preceding siblings ...)
2016-08-10 12:41 ` fche at redhat dot com
@ 2016-08-11 11:58 ` joseph at codesourcery dot com
2016-08-15 19:57 ` redi at gcc dot gnu.org
` (3 subsequent siblings)
11 siblings, 0 replies; 13+ messages in thread
From: joseph at codesourcery dot com @ 2016-08-11 11:58 UTC (permalink / raw)
To: overseers
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=72856
--- Comment #7 from joseph at codesourcery dot com <joseph at codesourcery dot com> ---
Are lots of the spam bugs coming from the same IP address, or from lots of
different IP addresses - is it readily possibly to tell what IP address
created a given bug? (If lots come from the same IP address, hooking
Bugzilla up to something like fail2ban to block connections from the IP
address that created a bug marked as spam could help.)
Much the same question applies to spam account creations (throttle account
creations from the same IP address).
--
You are receiving this mail because:
You are on the CC list for the bug.
^ permalink raw reply [flat|nested] 13+ messages in thread
* [Bug web/72856] Trottle bug creation for newly created accounts (to limit spam)
2016-08-10 2:43 [Bug web/72856] New: Trottle bug creation for newly created accounts (to limit spam) LpSolit at netscape dot net
` (7 preceding siblings ...)
2016-08-11 11:58 ` joseph at codesourcery dot com
@ 2016-08-15 19:57 ` redi at gcc dot gnu.org
2016-08-16 14:41 ` LpSolit at netscape dot net
` (2 subsequent siblings)
11 siblings, 0 replies; 13+ messages in thread
From: redi at gcc dot gnu.org @ 2016-08-15 19:57 UTC (permalink / raw)
To: overseers
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=72856
--- Comment #9 from Jonathan Wakely <redi at gcc dot gnu.org> ---
(In reply to Frank Ch. Eigler from comment #6)
> Per-account rate limits seem so easy to overcome, with spammers already
> creating numerous verified junk accounts with ease.
They're using a new account for every bug today, because I'm closing the bugs
as spam as soon as they create them. It isn't stopping them.
> I would suggest focusing on spam-prevention content analysis (spamassassin
> style), and post-spam cleanup (blacklisting, history editing, bug hiding?)
> efforts.
This this this this.
--
You are receiving this mail because:
You are on the CC list for the bug.
^ permalink raw reply [flat|nested] 13+ messages in thread
* [Bug web/72856] Trottle bug creation for newly created accounts (to limit spam)
2016-08-10 2:43 [Bug web/72856] New: Trottle bug creation for newly created accounts (to limit spam) LpSolit at netscape dot net
` (8 preceding siblings ...)
2016-08-15 19:57 ` redi at gcc dot gnu.org
@ 2016-08-16 14:41 ` LpSolit at netscape dot net
2016-08-22 20:10 ` bernd.edlinger at hotmail dot de
2016-08-23 6:07 ` [Bug web/72856] Throttle " gerald at pfeifer dot com
11 siblings, 0 replies; 13+ messages in thread
From: LpSolit at netscape dot net @ 2016-08-16 14:41 UTC (permalink / raw)
To: overseers
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=72856
--- Comment #10 from Frédéric Buclin <LpSolit at netscape dot net> ---
(In reply to Frank Ch. Eigler from comment #6)
> Per-account rate limits seem so easy to overcome, with spammers already
> creating numerous verified junk accounts with ease.
I banned several ranges of IP addresses, and also permanently banned some
domain names. Logs show that all evil attempts made today have been
successfully blocked (for how long?).
> I would suggest focusing on spam-prevention content analysis (spamassassin
> style), and post-spam cleanup (blacklisting, history editing, bug hiding?)
> efforts.
Content analysis has been (partially) implemented today. If the bug report is
considered to be spam, the bug report is automatically rejected and the user
account automatically disabled.
--
You are receiving this mail because:
You are on the CC list for the bug.
^ permalink raw reply [flat|nested] 13+ messages in thread
* [Bug web/72856] Trottle bug creation for newly created accounts (to limit spam)
2016-08-10 2:43 [Bug web/72856] New: Trottle bug creation for newly created accounts (to limit spam) LpSolit at netscape dot net
` (9 preceding siblings ...)
2016-08-16 14:41 ` LpSolit at netscape dot net
@ 2016-08-22 20:10 ` bernd.edlinger at hotmail dot de
2016-08-23 6:07 ` [Bug web/72856] Throttle " gerald at pfeifer dot com
11 siblings, 0 replies; 13+ messages in thread
From: bernd.edlinger at hotmail dot de @ 2016-08-22 20:10 UTC (permalink / raw)
To: overseers
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=72856
Bernd Edlinger <bernd.edlinger at hotmail dot de> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |bernd.edlinger at hotmail dot de
--- Comment #11 from Bernd Edlinger <bernd.edlinger at hotmail dot de> ---
Are the user accounts created by bots?
if yes, would an anti robot security code (captcha) help?
--
You are receiving this mail because:
You are on the CC list for the bug.
^ permalink raw reply [flat|nested] 13+ messages in thread
* [Bug web/72856] Throttle bug creation for newly created accounts (to limit spam)
2016-08-10 2:43 [Bug web/72856] New: Trottle bug creation for newly created accounts (to limit spam) LpSolit at netscape dot net
` (10 preceding siblings ...)
2016-08-22 20:10 ` bernd.edlinger at hotmail dot de
@ 2016-08-23 6:07 ` gerald at pfeifer dot com
11 siblings, 0 replies; 13+ messages in thread
From: gerald at pfeifer dot com @ 2016-08-23 6:07 UTC (permalink / raw)
To: overseers
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=72856
Gerald Pfeifer <gerald at pfeifer dot com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Summary|Trottle bug creation for |Throttle bug creation for
|newly created accounts (to |newly created accounts (to
|limit spam) |limit spam)
--
You are receiving this mail because:
You are on the CC list for the bug.
^ permalink raw reply [flat|nested] 13+ messages in thread
end of thread, other threads:[~2016-08-23 6:07 UTC | newest]
Thread overview: 13+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2016-08-10 2:43 [Bug web/72856] New: Trottle bug creation for newly created accounts (to limit spam) LpSolit at netscape dot net
2016-08-10 2:44 ` [Bug web/72856] " LpSolit at netscape dot net
2016-08-10 5:50 ` trippels at gcc dot gnu.org
2016-08-10 8:33 ` gerald at pfeifer dot com
2016-08-10 11:46 ` manu at gcc dot gnu.org
2016-08-10 12:04 ` LpSolit at netscape dot net
2016-08-10 12:33 ` LpSolit at netscape dot net
2016-08-10 12:41 ` fche at redhat dot com
2016-08-11 11:58 ` joseph at codesourcery dot com
2016-08-15 19:57 ` redi at gcc dot gnu.org
2016-08-16 14:41 ` LpSolit at netscape dot net
2016-08-22 20:10 ` bernd.edlinger at hotmail dot de
2016-08-23 6:07 ` [Bug web/72856] Throttle " gerald at pfeifer dot com
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).