We need the antispam plugin (or some kind of moderation plugin) for trac

Looks like the spammers have finally found and automated our upload-a-ticket interface. I've scrubbed and closed 3 in the last couple of hours. (See #2440 for an example.) We really need to look into possible upgrades here.

Options are:

• Looking into the TicketModerator plugin
• Looking into the SpamFilter plugin (the latest versions of which require Trac 0.12)
• Looking into other related plugins
• Looking into some way to close user accounts in a way that blacklists their credentials immediately rather than just preventing them from logging in again if ever log out.

added component::internal services/service - trac owner::phobos priority::medium resolution::implemented status::closed type::enhancement labels

Spam on ticket #2334 (closed). THer eis apparently no way to remove it without messing with the db. We need to do something about this.

Trac:
Cc: N/A to weasel, erinn

My favored solution is currently: install TicketModerator; moderate everybody's first comment or submission; give everybody the MODERATOR_UNMODERATED permission upon approving their first ticket.

To elaborate : we should have a GRP_users group that has permission MODERATOR_UNMODERATED; and we should add people to this group on the slightest evidence that they are a real person, taking them out on evidence that they are not.

We could also stand to install http://trac-hacks.org/wiki/TicketDeletePlugin

Replying to nickm:

Spam on ticket #2334 (closed). THer eis apparently no way to remove it without messing with the db. We need to do something about this. http://trac-hacks.org/wiki/TicketChangePlugin

I installed the TicketDelete plugin, removed the two spam tickets (#2447, #2448) and removed the spam comment from #2334 (closed).

We should review our options here. Over 1/3 of the tickets opened so far this month had to be deleted as spam.

Trac:
Points: N/A to N/A
Actualpoints: N/A to N/A

spam ticket: #3103

I would also appriciate less spam.

#3107 #3108

tagnaq, this isn't a ticket to collect ticket numbers for spam. You're just adding noise.

I deleted a user, and after the deletion it still added a spam comment. That sounds like trac's handling of users is so absurdly broken and terrible that I'm not quite sure if a plugin could fix this.

I applied the trac_spamfilter plugin last night. We'll see if it does what we want.

Trac:
Owner: erinn to phobos
Status: new to accepted

Trac:
Priority: major to normal

Great. I turned on logging ; we should be able to see what the filter is doing under Administration->Spam Filtering->Monitoring.

Replying to nickm:

Great. I turned on logging ; we should be able to see what the filter is doing under Administration->Spam Filtering->Monitoring.

Logging was already turned on. The html interface doesn't show if logging is on or off, you have to query the db directly.

Has this plugin done anything to stop spam? I haven't seen any tickets deleted for spam, but I haven't been watching too closely either.

I haven't seen any new spam in a while. Also, I haven't heard any complaints about legit stuff getting marked as spam... but lastly, the monitoring interface doesn't actually report anything, so I'm not sure whether there has been any spam or false-positives.

I have seen no spam tickets or comments at all since the trac_spamfilter plugin was installed. Closing.

Trac:
Status: accepted to closed
Resolution: N/A to implemented

Move all tickets from trac to "Service - trac" component.

Trac:
Component: Trac to Service - trac

closed