Using email activation might prevent some spam, since user have to
manually activate their accounts, and if it's just a spam bot chances
are that the bot isn't yet that well adapted for XWiki as to know how to
verify their accounts.
Another trick that helped us fight spam on xwiki.org is to forbid
registration of users that enter the same first and last name, since we
noticed that all automatically created accounts followed this rule.
Another thing that helps us keep spam low is the IRC bot and the global
notifications watchlist. Whenever someone modifies something, the IRC
bot notifies that change, and at the end of the day the notification
mail also mentions it. Most of the time one of the devs that are on IRC
will immediately check that change and revert it if it's spam (and
delete the user account as well). But I guess that won't work for a
large active community wiki with lots of valid changes every day.
On 06/09/2012 05:16 PM, Niels Mayer wrote:
This is either a feature request or a request for discussing
solutions to the issue of known comment spammers against XWiki
installs.
There's known spammers like [email protected] (see
http://www.nielsmayer.com/bin/view/XWiki/DavyCrokkett ) which have to
be managed and curtailed for any XWiki install enabling comments.
During registration, it would it be nice to check sites like
http://www.stopforumspam.com/ and prevent registration emails from
going out to known comment spammers.
For example, the aforementioned spammer is listed at
http://www.stopforumspam.com/ipcheck/111.243.227.227
suggesting Current country of origin: Taiwan, Province of China
Date IP Address Username Email
1-Jul-11 07:31 111.243.227.227 coseteene [email protected]
30-Jun-11 18:29 111.243.227.227 Assusypesound [email protected]
30-Jun-11 13:43 111.243.227.227 Impuppota [email protected]
30-Jun-11 11:22 111.243.227.227 Biordaccoma [email protected]
30-Jun-11 07:01 111.243.227.227 rooviskitte [email protected]
29-Jun-11 23:59 109.230.222.175 Beethyemegree [email protected]
29-Jun-11 22:49 111.243.227.227 Kneefshes [email protected]
29-Jun-11 13:59 111.243.227.227 seltencarne [email protected]
29-Jun-11 13:31 111.243.227.227 inigneedync [email protected]
29-Jun-11 11:50 174.142.132.203 Beethyemegree [email protected]
29-Jun-11 11:50 174.142.132.203 phorilmiplism [email protected]
29-Jun-11 07:53 111.243.227.227 Agergeevame [email protected]
29-Jun-11 05:56 111.243.227.227 Atomnegmess [email protected]
29-Jun-11 05:50 111.243.227.227 Impuppota [email protected]
It would also be interesting for such flagged users to return a list
of associated IP's (such as above) which could be blacklisted as well.
I guess the correct solution would be to use
http://extensions.xwiki.org/xwiki/bin/view/Extension/Social+Login but
then the spammers would just end up getting twitter, facebook or
foursquare logins and use those instead of hotmail accounts.
--
Sergiu Dumitriu
http://purl.org/net/sergiu/
_______________________________________________
users mailing list
[email protected]
http://lists.xwiki.org/mailman/listinfo/users
