[Moin-user] Spam on Moin wikis and anti-spam best practices

Steve McIntyre steve at einval.com
Tue Sep 3 08:41:16 EDT 2013


On Tue, Sep 03, 2013 at 11:04:28AM +0200, Thomas Waldmann wrote:
>> perhaps we need safer defaults
>
>I don't think we should change defaults within a stable release series.
>
>But we can change how example configs look like and document stuff better.
>
>> Really control registration: for extra control over registration, perhaps use 
>> the http://www.moinmo.in/MoinMoinPatch/VerifyAccountCreationByEmail patch to 
>> require e-mail verification of account registration.
>
>I wouldn't recommend this patch until someone cleans it up (see my
>comments there), does more testing and reviews the code again.

Ah, bugger. Sorry, I hadn't seen the comments there. I'm subscribed to
the page, but it looks like maybe my spam filter ate it or
something.

I'm in the middle of cleaning up and re-targetting my patches against
1.9.7 right now anyway. I'll update the page shortly.

>> Does anyone have any opinions about the above?
>
>Good writeup, should be supplemented with a modified default wiki/farm
>config.
>
>One can add to regularly review logs, esp. after spam gets in. So one
>can sometimes identify static IP addrs only used for spamming (put them
>in moin's hosts_deny or handle via web server) and also textchas that
>have been broken and should be replaced.

I've also added support for calling out to an external program at
account creation time to see if a new account should be created, based
on email/IP/account name. I've got quite a few extra scripts written
locally to help with monitoring account signups and managing the
blacklists too.

More helpful things here would include:

 * better support for network addressing for blacklisting (something
   that understands CIDR rather than just .startswith)

 * support for moderation - new account holder should need to have
   their first few edits approved by existing users

-- 
Steve McIntyre, Cambridge, UK.                                steve at einval.com
< sladen> I actually stayed in a hotel and arrived to find a post-it
          note stuck to the mini-bar saying "Paul: This fridge and
          fittings are the correct way around and do not need altering"





More information about the Moin-user mailing list