On 9/18/11 2:29 PM, Karl Berry wrote:
Michael, all,
Sadly, it seems the captcha is insufficent (not surprising, of course --
if human spammers signed up before, we can't stop them). User robomo:
https://savannah.gnu.org/siteadmin/usergroup.php?user_id=85295
signed up yesterday and posted a spam on a freetype bug report:
https://savannah.nongnu.org/bugs/?32245
(I spamified it.)
I wonder about doing both the captcha and asking for
"year GNU was announced + today's month number".
I'm a little confused, you want this on the registration page?
If the captcha isn't stopping them, then I don't think also asking for
the current month will either. :(
Are you suggesting adding a captcha every time a new patch/bug/support
item is submitted or updated? If so, I think that may get a little
annoying to users.
If the spammers are created by humans, but auto-spam then we'll need
captchas on every form submission, which just seems cumbersome.
What do you think the ideal solution is?
I don't expect to completely stop spammers from signing up but
I fear that it happening a day or two after the captcha means that soon
there will be a flood.
Wdyt?
karl
P.S. To get "recent" user ids, I've been running:
echo "select user_id from user where add_date>1316185718;" | mysql savane
where the big integer is a time_t for, e.g., yesterday about this time.
