Dear Pootle devs, I have some concerns about certain Pootle registrations that I have been seeing recently. I am currently running Pootle 2.0.5 is powered by Translate Toolkit 1.7.0.
Have improvements in the registration process been introduced since that version (e.g. some sort of CAPTCHA)? For example, http://translate.sugarlabs.org/notices/57075 New user Deenereli registered. http://translate.sugarlabs.org/accounts/Deenereli/ on checking in the Pootle User Administration panel, I found that this user's e-mail was [email protected] furthermore, the account had been activated, presumably by a response to the registration confirmation e-mail that goes out from Pootle. The results of a Google search on that e-mail address http://lmgtfy.com/?q=donationasw%40gmail.com gives me cause for concern. The results are all from botscout and stopforum spam web-sites. I have inactivated the account manually and mailed a request to the account for a personal response. If I do not get one, I will delete the account via the Pootle User Admin page. http://translate.sugarlabs.org/admin/users.html?page=19 My concern is this is a registration from a forum spamming bot that has the smarts to reply to registration mails in order to activate accounts. The problem for Pootle is that while we accept drive-by suggestions from anonymous users (pootleuser group "nobody"), once a username is registered, we typically accept actual submissions (pootleuser group "default"). This is potentially far more disruptive than suggestions. I would rather not tighten down our "nobody" and "default" privs if I can avoid it. I would much rather understand how to prevent the forum bots from successfully registering. It may be that There are some other patterns I am seeing in username registration (without successful activation) that make me think there may be more than one bot in play here. Presumptive spam account registrations in the last 24 hours: aidesteisolve [email protected] AnogemotUntot [email protected] (activated) bisonbialz [email protected] BorisPef [email protected] demonmayj [email protected] FreshNatalieXXY [email protected] gateBeathyBum [email protected] irnytxjoit [email protected] nunavivi [email protected] olbjovnaiw [email protected] Proxitreck [email protected] Scollussy [email protected] Teetlewafe [email protected] (activated) TrenseFaT [email protected] (activated) ------------------------------------------------------------------------------ Master Visual Studio, SharePoint, SQL, ASP.NET, C# 2012, HTML5, CSS, MVC, Windows 8 Apps, JavaScript and much more. Keep your skills current with LearnDevNow - 3,200 step-by-step video tutorials by Microsoft MVPs and experts. SALE $99.99 this month only -- learn more at: http://p.sf.net/sfu/learnmore_122912 _______________________________________________ Translate-pootle mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/translate-pootle
