[Moin-user] spambayes.MoinSecurityPolicy

Skip Montanaro skip at pobox.com
Sun Jan 28 23:39:00 EST 2007

I've mostly implemented an alternative security policy that uses SpamBayes
to classify edits as ham or spam.  I think it has the potential to be much
better than the current scheme, both in terms of accuracy as well as speed.
I'm having trouble with the MoinMoin side of things though.  I hope someone
with MoinMoin chops can look at what I've got and help straighten things out.
The current state is available in the SpamBayes CVS repository:


The module docstring should tell you how it is supposed to work.  Basically,
these functions seem to work:

    * Updating HamPages and SpamPages seems to work.  Saving either one
      triggers a retrain.

    * Committing an edit when the page scores as "ham" (i.e. "good") works.

The problems I've struggled with up to this point center on doing the forced
revert when a submitted edit is deemed to possibly or probably be spam and
generating a list of email addresses for the members of the AdminGroup.  If
someone could look at the force_revert() and mail_admins_about() methods and
make some suggestions I'd much appreciate it.

Maybe my approach is all wrong, but here it is.  When a user attempts to
commit an edit it is provisionally saved (assuming the base
Permissions.save() method allows it).  This saves the content we will
need later in case this page is used to train the SpamBayes classifier.  If
the page scores okay, fine, we're done.  If not, the commit has to be
reverted whether or not the user has revert privileges, and an email has to
be sent to the members of the AdminGroup.  (Thomas mentioned the superuser,
but I have no idea how to get that.  And in any case wouldn't that be one
person per installation, not one person per wiki?)

Any help would be greatly appreciated.


Skip Montanaro
(still posting via gmane because my emails just disappear into never-never land)

More information about the Moin-user mailing list