НА: [Trac-dev] Please Verify, unable to post anything to trac.edgewall.org
Sergey Chernov (m)
-----éÓÈÏÄÎÏÅ ÓÏÏÂÝÅÎÉÅ-----
ïÔ: "Ilias Lazaridis" <il...@lazaridis.com>
ëÏÍÕ: "Trac Development" <trac...@googlegroups.com>
ïÔÐÒÁ×ÌÅÎÏ: 25.10.06 20:46
ôÅÍÁ: [Trac-dev] Please Verify, unable to post anything to trac.edgewall.org
everything I try to post to trac (new tickets, comments, attachments)
is rejected.
please verify.
perhaps it is possible to provide accounts for contributors.
.
Noah Kantrowitz
Sergey Chernov (m) wrote:
> Better add accounts to any user - no anonymous postings; use picture recognition or like to create personal account
CAPTCHAs have been discussed many times before, and each time the
consensus was that the detriment to usability was worse than the false
positives. A single guest account on trac.edgewall.org might help to
stem the tide, but it isn't a "good" solution by any means. I forget who
suggested it, but someone mentioned in #trac that they just hacked the
newticket template to have a "What is 2+2?" field, and that was enough
to stop a lot of bots (for now).
--Noah
Sergey Chernov
control field) was decided to be serious detriment? Worse than what we have
now - that it is close to impossible to file a ticket or comment? Well, I'm
sorry then.
So in this case it there a way to administer the installation (or add a
hack) to provide different rights to "any valid user" than to the
"anonymous"? I'd write a wrapper to add accounts then :(
> -----Original Message-----
> From: trac...@googlegroups.com [mailto:trac...@googlegroups.com] On
> Behalf Of Noah Kantrowitz
> Sent: Wednesday, October 25, 2006 10:02 PM
> To: trac...@googlegroups.com
> Subject: [Trac-dev] Re: НА: [Trac-dev] Please Verify, unable to post
> anything to trac.edgewall.org
>
>
>
>
> --~--~---------~--~----~------------~-------~--~----~
> You received this message because you are subscribed to the Google Groups
> "Trac Development" group.
> To post to this group, send email to trac...@googlegroups.com
> To unsubscribe from this group, send email to trac-dev-
> unsub...@googlegroups.com
> For more options, visit this group at http://groups.google.com/group/trac-
> dev
> -~----------~----~----~----~------~----~------~--~---
Christopher Lenz
> So one time operation - creation of the personal account (login,
> password,
> control field) was decided to be serious detriment? Worse than what
> we have
> now - that it is close to impossible to file a ticket or comment?
> Well, I'm
> sorry then.
Please note that what we're seeing today appears to be a problem with
Akismet, and not regular modus operandi.
Anyone with their own Trac site can choose whether they want it to be
registration-only by installing the AccountManagerPlugin and setting
up permissions appropriately. It's just that for edgewall.org we're
trying to keep submissions open to the public and control spam using
other methods. Again, here's hoping that the Akismet problems are
temporary. If not, we'll look for a better strategy.
If someone comes up with a nice patch that allows *optional*
integration of captcha systems, I'm sure that would not be rejected
(if the quality is okay, etc). Or any other effective method for
limiting spam. But right now I'm seriously getting tired of the only-
bitching-no-coding mindset.
Cheers,
Chris
--
Christopher Lenz
cmlenz at gmx.de
http://www.cmlenz.net/
Ilias Lazaridis
> Am 25.10.2006 um 20:33 schrieb Sergey Chernov:
> > So one time operation - creation of the personal account (login,
> > password,
> > control field) was decided to be serious detriment? Worse than what
> > we have
> > now - that it is close to impossible to file a ticket or comment?
> > Well, I'm
> > sorry then.
>
> Please note that what we're seeing today appears to be a problem with
> Akismet, and not regular modus operandi.
The regular "modus operandi" is: some highly annoying false positives i
know about, and (how many?) unknown.
...
> If someone comes up with a nice patch that allows *optional*
> integration of captcha systems, I'm sure that would not be rejected
> (if the quality is okay, etc). Or any other effective method for
> limiting spam.
The project should _really_ rearrange the requirements.
> But right now I'm seriously getting tired of the only-
> bitching-no-coding mindset.
I get tired that I cannot fulfill my task (3rd day) based on the trac
project resources.
And this is not about "bitching-no-coding".
You should simply look at this prioritized requirements list for the
trac.edgewall.org:
a) Allow contributors to interact with the trac development team
b) Allow users to interact with the trac development team
c) Allow anonymous access on trac.edgewall.org
Focusing on requirement "C" needs 'science & art' (spam-filter), and
should not block requirement "A" (fulfilled with simple registration on
request) and "B" (fulfilled with e.g. automated registration).
So, I assume users with an account on t.e.o bypass "akismet".
If so, half of the work is done by providing manual registrations for
contributors (and even users).
This would have the additional benefit that the variable $USER becomes
operative withing quieries / reports on t.e.o!
.
Sergey Chernov
architecture to painlessly add virtual user "any_registered" - gonna create
patch for it. Can't rely on plugins as clearsilver failes with python 2.5
and theres no guarantee the plugin will be rewritten to use genshi too.
> If someone comes up with a nice patch that allows *optional*
> integration of captcha systems, I'm sure that would not be
> rejected (if the quality is okay, etc). Or any other
> effective method for limiting spam. But right now I'm
> seriously getting tired of the only- bitching-no-coding mindset.
>
> Cheers,
> Chris
> --
> Christopher Lenz
> cmlenz at gmx.de
> http://www.cmlenz.net/
>
>
> --~--~---------~--~----~------------~-------~--~----~
> You received this message because you are subscribed to the
> Google Groups "Trac Development" group.
> To post to this group, send email to
> trac...@googlegroups.com To unsubscribe from this group,
> send email to trac-dev-u...@googlegroups.com
Noah Kantrowitz
--Noah
solo turn
* posting with sating my name and emial address in the session
preferences works
from askimet viewpoint
* and this exposes my email address to the web and spam
-solo
Christopher Lenz
> the only thing i don't appreciate currently is:
> * posting with sating my name and emial address in the session
> preferences works
> from askimet viewpoint
> * and this exposes my email address to the web and spam
You don't need to set your email address, just your name should
suffice. Which is what I said in the announcement ("Setting up your
name **or** email address"). But hey.
I'm actively working on adding more heuristics to the spam filtering.