Jeff Garland <jeff@crystalclearsoftware.com> writes:
David Abrahams wrote:
Jeff Garland <jeff@crystalclearsoftware.com> writes:
David Abrahams wrote:
Jeff Garland <jeff@crystalclearsoftware.com> writes: Two reasons. That requires a software upgrade including data conversion to new wiki software. Second, based on my discussion with other wiki administrators it doesn't stop spammers -- they just register with a free email address and off they go.
Of course a few will do that. But isn't most spam done by automatic webcrawling software that seeks out open wikis and forums? As long as those abound, fewer spammers will bother with the protected one, right?
Nope, from what I understand the email registration test just doesn't work at all unless you want to put a human in the loop on all approvals, which prevents the casual update. Remember, we are dealing with folks that have hacked hundreds of machines, so a bunch of throwaway email addresses isn't a problem for them. A typical 200 page spam attack is done from 15-20 different IP addresses with each one spamming at about 1 page every 5 minutes. The reason they do this slowly is that many wiki's added a feature to prevent robo spamming by only allowing a slow number of changes per ip per unit time. So the spammers adapted...
In that case, I wonder why we never see spam posts by first-time Boost posters.
Bottom line is that today's systeam takes me about 10 minutes per day. The only bad part is that it sometimes takes a bit more time to roll back if I don't happen to be online.
As long as you don't mind doing the work, I appreciate it, and of course it's okay with me.
In my ideal world we would upgrade the software and it would enable a group of moderators to trivially manage/revert/stop spam. We'll get there at some point, but the solution we have now is working well enough and I'm busy enough that I don't plan on pursuing this for awhile.
Understood. -- Dave Abrahams Boost Consulting www.boost-consulting.com