From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (qmail 9378 invoked by alias); 10 Aug 2016 02:43:41 -0000 Mailing-List: contact overseers-help@sourceware.org; run by ezmlm Precedence: bulk List-Id: List-Archive: List-Post: List-Help: , Sender: overseers-owner@sourceware.org Received: (qmail 9142 invoked by uid 48); 10 Aug 2016 02:43:28 -0000 From: "LpSolit at netscape dot net" To: overseers@gcc.gnu.org Subject: [Bug web/72856] New: Trottle bug creation for newly created accounts (to limit spam) Date: Wed, 10 Aug 2016 02:43:00 -0000 X-Bugzilla-Reason: CC X-Bugzilla-Type: new X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: gcc X-Bugzilla-Component: web X-Bugzilla-Version: unknown X-Bugzilla-Keywords: X-Bugzilla-Severity: enhancement X-Bugzilla-Who: LpSolit at netscape dot net X-Bugzilla-Status: UNCONFIRMED X-Bugzilla-Resolution: X-Bugzilla-Priority: P3 X-Bugzilla-Assigned-To: LpSolit at netscape dot net X-Bugzilla-Target-Milestone: --- X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: bug_id short_desc product version bug_status bug_severity priority component assigned_to reporter cc target_milestone Message-ID: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: http://gcc.gnu.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-SW-Source: 2016-q3/txt/msg00036.txt.bz2 https://gcc.gnu.org/bugzilla/show_bug.cgi?id=3D72856 Bug ID: 72856 Summary: Trottle bug creation for newly created accounts (to limit spam) Product: gcc Version: unknown Status: UNCONFIRMED Severity: enhancement Priority: P3 Component: web Assignee: LpSolit at netscape dot net Reporter: LpSolit at netscape dot net CC: fche at redhat dot com, overseers at gcc dot gnu.org Target Milestone: --- GCC Bugzilla suffered vandalism again between July 25 and 27. 709 spam bugs have been filed during this 48 hours window. 103 different email addresses = have been used to avoid being blocked too quickly. This gives a ratio on average= of 7 spam per account. For the record, moving a bug into the 'spam' component and marking it as INVALID automatically disables the user account of the spammer. But this gi= ves a plenty of time to spammers to file new bugs till a triager closes spam as INVALID. So I think we should limit the rate at which new accounts can file= new bugs. In the table below, we can see that several spammers managed to file several tens of spam in a row, so trottling bug creation for them would have helped a bit. mysql> select count(*) as nb_spam, login_name as spammer, newvalue as creation_time from bugs inner join profiles on profiles.userid =3D reporter= inner join profiles_activity on profiles_activity.userid =3D reporter where component_id =3D (select id from components where name =3D 'spam') and crea= tion_ts > '2016-07-20' and creation_ts < '2016-07-31' and fieldid =3D (select id fr= om fielddefs where name =3D 'creation_ts') group by reporter order by nb_spam = desc;=20=20 +---------+-------------------------------------------+--------------------= -+ | nb_spam | spammer | creation_time = | +---------+-------------------------------------------+--------------------= -+ | 55 | andrusmith20163@gmail.com | 2016-07-25 21:39:09= | | 51 | vvw@a.ahcainc.com | 2016-07-26 04:50:31= | | 41 | satyamsingh168@yahoo.com | 2016-07-25 20:59:20= | | 30 | kethyjelly@yopmail.com | 2016-07-25 20:53:31= | | 28 | clarkally128@gmail.com | 2016-07-25 23:12:26= | | 27 | boltanwelly@gmail.com | 2016-07-25 20:55:21= | | 26 | loveubaby@yopmail.com | 2016-07-25 22:10:41= | | 25 | shobhitgargniet@gmail.com | 2016-07-25 21:00:17= | | 22 | rpaul9596@gmail.com | 2016-07-26 05:17:48= | | 18 | rassules11@gmail.com | 2016-07-26 11:18:55= | | 16 | rocksmith2143@gmail.com | 2016-07-25 20:46:22= | | 16 | ckattyperry@gmail.com | 2016-07-26 10:37:12= | | 15 | Wout1930@armyspy.com | 2016-07-25 20:45:15= | | 15 | vipin01kumar2012@gmail.com | 2016-07-25 22:04:10= | | 14 | zzqr@tm.tosunkaya.com | 2016-07-26 00:27:57= | | 13 | 45aaoa+2iao75mo6pqv1c33b8@sharklasers.com | 2016-07-25 20:27:28= | | 13 | adcss@dayrep.com | 2016-07-25 20:45:33= | | 13 | ishiboy2@codehot.co.uk | 2016-07-25 22:06:34= | | 11 | vbgjgh@yopmail.com | 2016-07-25 20:41:27= | | 10 | harharmahadev@yopmail.com | 2016-07-25 20:01:14= | | 10 | rajdsky10@gmail.com | 2016-07-25 22:54:02= | | 9 | teresadoris41@gmail.com | 2016-07-25 20:41:57= | | 9 | pqrt@ze.gally.jp | 2016-07-25 22:04:28= | | 9 | bkattyperry@gmail.com | 2016-07-26 10:36:32= | | 8 | hs851446@gmail.com | 2016-07-25 21:06:15= | | 8 | sunnyhooda76@gmail.com | 2016-07-25 21:06:05= | | 8 | Sagat1987@superrito.com | 2016-07-25 21:36:56= | | 8 | ram307338@gmail.com | 2016-07-25 22:04:25= | | 7 | 45a7cj+pc1auass999c@sharklasers.com | 2016-07-25 20:50:36= | | 7 | Logne1973@cuvox.de | 2016-07-25 21:43:45= | | 7 | johnhuff31@yopmail.com | 2016-07-26 05:20:39= | | 7 | inlr@we.wallm.com | 2016-07-26 09:18:41= | | 7 | joanann0@uw5t6ds54.com | 2016-07-26 12:22:05= | | 6 | threas1938@jourrapide.com | 2016-07-26 11:43:02= | | 5 | ramu.sara1000017@gmail.com | 2016-07-26 07:40:03= | | 5 | avamonw@gmail.com | 2016-07-26 10:06:27= | | 4 | rachitakumari522@gmail.com | 2016-07-25 20:46:30= | | 4 | techbrothers2016@gmail.com | 2016-07-25 22:17:38= | | 4 | giqr@barryogorman.com | 2016-07-26 09:38:55= | | 4 | dlaf1j2u.qyp@20email.eu | 2016-07-26 10:38:21= | | 4 | una@c.cynaver.com | 2016-07-26 11:28:23= | | 4 | andrusmith20168@gmail.com | 2016-07-26 00:33:43= | | 3 | yt5scljm.uoq@20email.eu | 2016-07-25 20:55:26= | | 3 | ankurcoe22@gmail.com | 2016-07-25 21:23:06= | | 3 | akattyperry@gmail.com | 2016-07-26 08:51:01= | | 3 | adnj@maildx.com | 2016-07-26 09:04:00= | | 3 | vsmr@er.fr.to | 2016-07-26 09:13:02= | | 3 | larrypage001526@gmail.com | 2016-07-26 10:29:07= | | 3 | gkattyperry@gmail.com | 2016-07-26 10:40:46= | | 3 | ahay5o2t.bls@20email.eu | 2016-07-26 11:31:55= | | 3 | jorjbally@gmail.com | 2016-07-26 11:33:40= | | 3 | lilac18@uw5t6ds54.com | 2016-07-26 12:38:24= | | 3 | evwztvei.w0k@20email.eu | 2016-07-26 12:48:30= | | 3 | tovah95@uw5t6ds54.com | 2016-07-26 12:50:57= | | 2 | ffkattyperry@gmail.com | 2016-07-25 20:54:56= | | 2 | amarniket17@gmail.com | 2016-07-25 21:02:09= | | 2 | abigaillogan62@gmail.com | 2016-07-25 22:08:08= | | 2 | intelomedia03@gmail.com | 2016-07-25 22:29:25= | | 2 | jhon12wirte@gmail.com | 2016-07-25 23:00:33= | | 2 | deik.slpk458@gmail.com | 2016-07-26 00:16:41= | | 2 | ranjetn852@gmail.com | 2016-07-26 04:13:26= | | 2 | stalkonq@gmail.com | 2016-07-26 09:15:48= | | 2 | pandaranjan247@gmail.com | 2016-07-26 09:15:25= | | 2 | veroncia5@uw5t6ds54.com | 2016-07-26 10:11:56= | | 2 | kevinlewis760@gmail.com | 2016-07-26 10:18:31= | | 2 | f931569@mvrht.com | 2016-07-26 11:11:49= | | 2 | x2mspjb4.scv@20email.eu | 2016-07-26 11:13:04= | | 2 | 5rio2y1n.5mw@20email.eu | 2016-07-26 11:24:57= | | 2 | qsmr@qs.grish.de | 2016-07-26 11:35:17= | | 2 | ygnulgim.0d0@20email.eu | 2016-07-26 11:46:23= | | 2 | 5pwwdbqr.k54@20email.eu | 2016-07-26 11:55:26= | | 2 | lesa.smith212@gmail.com | 2016-07-26 11:56:39= | | 2 | seinamillarhelp@gmail.com | 2016-07-26 12:18:15= | | 2 | 0dlu2wpq.3bl@20email.eu | 2016-07-26 12:26:29= | | 2 | mqebsuzf.0wp@20email.eu | 2016-07-26 12:35:00= | | 1 | maine@yopmail.com | 2016-07-25 20:59:20= | | 1 | stephangranado3@gmail.com | 2016-07-25 22:28:51= | | 1 | sahil69@yopmail.com | 2016-07-25 22:55:44= | | 1 | noidaup8@gmail.com | 2016-07-25 23:01:51= | | 1 | tanudurrmat@gmail.com | 2016-07-26 00:17:33= | | 1 | jacksftt@gmail.com | 2016-07-26 09:18:01= | | 1 | janette75@uw5t6ds54.com | 2016-07-26 09:52:59= | | 1 | skyphelpline@gmail.com | 2016-07-26 10:12:31= | | 1 | whcpvgyg.rjz@20email.eu | 2016-07-26 10:27:26= | | 1 | oxvmmus5.il5@20email.eu | 2016-07-26 10:32:46= | | 1 | ifzv0va3.m0y@20email.eu | 2016-07-26 10:54:58= | | 1 | w5lkox3p.ado@20email.eu | 2016-07-26 11:03:48= | | 1 | antivirusshelplinenumber5526@gmail.com | 2016-07-26 11:13:51= | | 1 | davidwarner1369@gmail.com | 2016-07-26 11:16:57= | | 1 | nidhimishra@codehot.co.uk | 2016-07-26 11:20:36= | | 1 | lisa.thomas22345@gmail.com | 2016-07-26 11:50:30= | | 1 | smithmartin919@gmail.com | 2016-07-26 11:56:08= | | 1 | monti.carlo879@gmail.com | 2016-07-26 12:00:31= | | 1 | lisa.smith5555555@gmail.com | 2016-07-26 12:06:38= | | 1 | 5f0rfifp.i2x@20email.eu | 2016-07-26 12:06:28= | | 1 | burnet62@uw5t6ds54.com | 2016-07-26 12:12:25= | | 1 | andrusmith201620@gmail.com | 2016-07-26 12:15:16= | | 1 | teagreen80@uw5t6ds54.com | 2016-07-26 12:15:43= | | 1 | andrusmith20164@gmail.com | 2016-07-26 00:26:58= | | 1 | ramu.sara100006@gmail.com | 2016-07-26 12:31:21= | | 1 | andrusmith20166@gmail.com | 2016-07-26 00:30:44= | | 1 | andrusmith20167@gmail.com | 2016-07-26 00:31:56= | | 1 | andrusmith20169@gmail.com | 2016-07-26 00:35:19= | +---------+-------------------------------------------+--------------------= -+ 103 rows in set (0.01 sec) Anyone has a good suggestion for the rate limit? Probably something exponential, so that new legit users can still file a bug or two, but then expand the delay before being allowed to file the next bug and so on. Somet= hing like: $minutes_till_next_bug_report =3D 3**$number_of_already_reported_bugs - 1; What do you think? --=20 You are receiving this mail because: You are on the CC list for the bug.