[Systems] [Fwd: Re: #418 URGE: Resolve Gitorious blacklisting issues with OUOSL.]

[Noah Kantrowitz]

On Sep 23, 2009, at 11:18 PM, Bernie Innocenti wrote:

> El Wed, 23-09-2009 a las 17:35 -0700, Noah Kantrowitz escribió:
>> Grab the TicketDelete plugin if you don't have it already, that  
>> lets you
>> delete comments and easily revert spammy changes.
>
> Works great, thanks.
>
> Actually, we have way too many of these to delete them manually.
> Would there be a way to delete comments by regex?
>
> Or, even better, can the IP of the spammer be retrieved from the edits
> so we can kill it in iptables?

Not sure if we store the IP used for ticket changes, easy enough to  
check the table schema though:
$ sqlite3 trac.db
 > .schema ticket
 > .schema ticket_change

>
>
>
>> The links should already be marked relfollow,
>
> Not these: they use HTML directly:
>
>>> {{{
>>> #!html
>>> Reopening, it is still not fixed. Please pay attention to fix bugs  
>>> not
>>> only in trunk, but also in active branches, especially when it comes
>>> to
>>> security issues. <a href="http://www.getagoodbuy.com"><font
>>> color="#000000">nike shoes</font></a>
>>> }}}

Ahh, I would just block anything containing <a to begin with, but that  
might hit a few false positives every now and then.

>>>
>
>
>> and you can go into the BadContent wiki page and add it
>> to the spam blacklist.
>
> Ok done.  What plugin actually makes use of the BadContent page?

SpamFilter. BadContent is parsed out and turned into a regex that the  
submission is run through. With the default karma settings, triggering  
a blacklisted pattern should be enough to fail on its own I think. I  
notice the BadContent for you guys is a little short. Might want to  
copy in the one from trac-hacks (http://trac-hacks.org/wiki/ 
BadContent) as a decent seed.

--Noah