On 12/13/2012 09:14, janI wrote:
I give +1 for the list and the WIKI account part, then we can see over
time, if web discussions naturally move to that list.
Jan.
"By request" account creation on the wiki is a fine short-term solution
for the spammer problem (until the upgrade). In the long run (after the
upgrade), IMHO it is unnecessary and unacceptable. AOO doesn't need this
anywhere else, Wp doesn't need it, and our wiki shouldn't, either.
Running on an up-to-date platform, we should be able to find some
technology which suits our users' needs, and keeps the spam down (not
completely, but nothing will).
A little forensic research on those thousands of spam accounts might
show us what we do need. What kind of email addresses did they use? We
used to have some local code to prohibit the "public drop box" email
sites, as well as a RECAPCHA for account creation and for external-link
saves. Did any of that make it through the move to Apache? Checking
links might be expensive, since it would have to be done on every save,
but account-creation checks should only be invoked on account creation.
If the account requests go away, so does the admin ML. Probably a good
thing.
/tj/
