Re: plone.org spamming problem

Wichert Akkerman () Re: plone.org spamming problem
Hi Balazs,

the website team and the admin group are the right people to tackle
this.  I've cc'ed them on this mail.

Wichert.


On 4/24/09 7:04 PM, Balazs Ree wrote:

> Hi Wichert,
>
> sorry to bother you with this, I don't know who is the admin of plone.org
> to send this, so please help me to forward this to the right person if
> you are not involved.
>
> I noticed on the following page:
>
> http://plone.org/documentation/how-to/kss-on-plone-3.1
>
> the worst kind of spam appeared. I don't know how this happened, should
> commenting be only for authenticated users?
>
> I can delete this comment in a snap, but I'd like to wait until I show
> it to you and others.
>
> Best wishes,
>
>    


--
Wichert Akkerman<[hidden email]>    It is simple to make things.
http://www.wiggy.net/                  It is hard to make things simple.


------------------------------------------------------------------------------
Crystal Reports - New Free Runtime and 30 Day Trial
Check out the new simplified licensign option that enables unlimited
royalty-free distribution of the report engine for externally facing
server and web deployment.
http://p.sf.net/sfu/businessobjects
_______________________________________________
Plone-website mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/plone-website
The Wiki: http://plone.org/development/current/projects/WebsiteTeam
Ricardo Newbery-2 () Re: [Admins] Re: plone.org spamming problem

On Apr 24, 2009, at 12:09 PM, Balazs Ree wrote:

> On Friday, 24 April 2009, at 20:52, Wichert Akkerman wrote:
>> Hi Balazs,
>>
>> the website team and the admin group are the right people to tackle
>> this.  I've cc'ed them on this mail.
>
> Thanks! Meanwhile I talked to some people on irc, and they informed me
> that it's known and the user has been deleted. So I went ahead and
> deleted the comment.
>
> Still, it worries me because if spammers start this, they will go on,
> and it can quickly infect the whole site. Don't know how to avoid this
> if signed-up users do it.
>
> Best wishes,


If this turns out to be more than just a one-time thing, we might be  
able to flag certain posters.  A spammer is probably going to create a  
bunch of comments in a short time span.  Perhaps a workflow script or  
event-triggered script can log a list of edits in a volatile memory  
bucket and flag any users creating edit floods?  A simple template can  
be constructed to list the flagged posts along with some simple  
actions like "delete this post", "delete all posts", and "delete this  
user and posts".

Actually, now that I think about this, wouldn't it be useful to have a  
search result page somewhere listing all comments on the site as a  
batched list along with some simple actions like the above?  Might  
help with comment gardening in general.

This http://plone.org/search?portal_type%3Alist=Discussion+Item gives  
a handy list but it would be more handy if we had some delete  
shortcuts next to each entry.

Ric



Ricardo Newbery-2 () Re: [Admins] Re: plone.org spamming problem

On Apr 24, 2009, at 1:01 PM, Ricardo Newbery wrote:

>
> On Apr 24, 2009, at 12:09 PM, Balazs Ree wrote:
>
>> On Friday, 24 April 2009, at 20:52, Wichert Akkerman wrote:
>>> Hi Balazs,
>>>
>>> the website team and the admin group are the right people to tackle
>>> this.  I've cc'ed them on this mail.
>>
>> Thanks! Meanwhile I talked to some people on irc, and they informed  
>> me
>> that it's known and the user has been deleted. So I went ahead and
>> deleted the comment.
>>
>> Still, it worries me because if spammers start this, they will go on,
>> and it can quickly infect the whole site. Don't know how to avoid  
>> this
>> if signed-up users do it.
>>
>> Best wishes,
>
>
> If this turns out to be more than just a one-time thing, we might be  
> able to flag certain posters.  A spammer is probably going to create  
> a bunch of comments in a short time span.  Perhaps a workflow script  
> or event-triggered script can log a list of edits in a volatile  
> memory bucket and flag any users creating edit floods?  A simple  
> template can be constructed to list the flagged posts along with  
> some simple actions like "delete this post", "delete all posts", and  
> "delete this user and posts".
>
> Actually, now that I think about this, wouldn't it be useful to have  
> a search result page somewhere listing all comments on the site as a  
> batched list along with some simple actions like the above?  Might  
> help with comment gardening in general.
>
> This http://plone.org/search?portal_type%3Alist=Discussion+Item 
> gives a handy list but it would be more handy if we had some delete  
> shortcuts next to each entry.
>
> Ric


Or perhaps even easier, add a "delete user and all comments" button  
action to the three buttons already available under each comment  
("Reply" and "Remove").  Then you can use the above search result  
link, navigate to a suspicious comment to confirm it's bogus, and then  
delete everything from the user in less than two clicks.

Ric



Ricardo Newbery-2 () Re: [Admins] Re: plone.org spamming problem

On Apr 24, 2009, at 1:15 PM, Balazs Ree wrote:

> On Friday, 24 April 2009, at 13:01, Ricardo Newbery wrote:
>
>>
>> If this turns out to be more than just a one-time thing, we might be
>> able to flag certain posters.  A spammer is probably going to  
>> create a
>> bunch of comments in a short time span.  Perhaps a workflow script or
>> event-triggered script can log a list of edits in a volatile memory
>> bucket and flag any users creating edit floods?  A simple template  
>> can
>> be constructed to list the flagged posts along with some simple
>> actions like "delete this post", "delete all posts", and "delete this
>> user and posts".
>
> Another thing that comes to my mind, is to reject comments that contain
> more than, say, 20 links. The spam I saw contained only a huge row of
> links.


Which I think shows how stupid these spammers can be.  The autolinking  
function adds a nofollow attribute to the links so these link spams  
aren't going to help their google link juice at all.  Did someone  
really go to the trouble of crafting a robot to create users and post  
spam on plone.org without checking this?  Sigh.

I agree.  It seems a link-heavy filter would be useful to filter out  
the more stupid spammers.

Ric




Ricardo Newbery-2 () Re: [Admins] Re: plone.org spamming problem

On Apr 24, 2009, at 1:10 PM, Ricardo Newbery wrote:

>> This http://plone.org/search?portal_type%3Alist=Discussion+Item 
>> gives a handy list but it would be more handy if we had some delete  
>> shortcuts next to each entry.
>>
> Or perhaps even easier, add a "delete user and all comments" button  
> action to the three buttons already available under each comment  
> ("Reply" and "Remove").  Then you can use the above search result  
> link, navigate to a suspicious comment to confirm it's bogus, and  
> then delete everything from the user in less than two clicks.


I guess this might be better if sorted by create date...
http://plone.org/search?portal_type%3Alist=Discussion+Item&sort_on=created&sort_order=reverse

Ric



Godefroid Chapelle () Re: [Admins] Re: plone.org spamming problem
Ricardo Newbery wrote:
> On Apr 24, 2009, at 1:10 PM, Ricardo Newbery wrote:
>
>>> This http://plone.org/search?portal_type%3Alist=Discussion+Item 
>>> gives a handy list but it would be more handy if we had some delete  
>>> shortcuts next to each entry.
>>>
>> Or perhaps even easier, add a "delete user and all comments" button  
>> action to the three buttons already available under each comment  
>> ("Reply" and "Remove").

Done TTW.

deleteUserAndComments python script
     - in portal_skins custom layer
     - protected to be callable only through POST

plone.app.layout.viewlets/comment.pt
     - customized in portal_view_customizations
     - button "Remove author and all comments" shown only if user has
"Manage portal" permission.

>>  Then you can use the above search result  
>> link, navigate to a suspicious comment to confirm it's bogus, and  
>> then delete everything from the user in less than two clicks.
>
>
> I guess this might be better if sorted by create date...
> http://plone.org/search?portal_type%3Alist=Discussion+Item&sort_on=created&sort_order=reverse

Was a great idea : recent spam cleaned up now.

I disabled the button for now as it would be too easy to delete a non
spammer by clicking the wrong button... :-S

>
> Ric
--
Godefroid Chapelle (aka __gotcha) http://bubblenet.be

Balazs Ree-2 () Re: [Admins] Re: plone.org spamming problem
Resend, this time properly signed up to the website list. Sorry for the noise.


Bad news: the saga continues. This time with _more_ new users at the
same time.


wbmxuawth
Posted byKhansaat Apr 25, 2009 12:00 PM


nutfkwq
Posted byAmiciyahat Apr 25, 2009 11:59 AM

Same link fest as before. I remove these straight away.

I propose a simple version of the "reject if too many links" script
immediately.


--
Balazs Ree
--
Balazs Ree                 Greenfinity LLC.
Python, Zope, Plone        http://greenfinity.hu


Balazs Ree-2 () Re: [Admins] Re: plone.org spamming problem
On Saturday, 25 April 2009, at 17:43, Balazs Ree wrote:

> Resend, this time properly signed up to the website list. Sorry for the noise.
>
>
> Bad news: the saga continues. This time with _more_ new users at the
> same time.
>
>
> wbmxuawth
> Posted byKhansaat Apr 25, 2009 12:00 PM
>
>
> nutfkwq
> Posted byAmiciyahat Apr 25, 2009 11:59 AM
>
> Same link fest as before. I remove these straight away.
>
> I propose a simple version of the "reject if too many links" script
> immediately.
Something like the following would be sufficient I think:


    if text.lower().count('<a') > 20:
        raise RuntimeError("""Your comment contains illegal html
            markup. If you think this is an error, please file a
            ticket to http://foo.bar/blah with the exact text of the
            comment you wanted to add.""")

--
Balazs Ree


Ricardo Newbery-2 () Re: [Admins] Re: plone.org spamming problem

On Apr 25, 2009, at 8:56 AM, Balazs Ree wrote:

> Something like the following would be sufficient I think:
>
>
>    if text.lower().count('<a') > 20:
>        raise RuntimeError("""Your comment contains illegal html
>            markup. If you think this is an error, please file a
>            ticket to http://foo.bar/blah with the exact text of the
>            comment you wanted to add.""")
>
> --  
> Balazs Ree



You probably need to change '<a' to 'http://'.  Links are autogenerated.

Another idea.  These look automated.  How about a captcha on the  
account form?

Ric



Ricardo Newbery-2 () Re: [Admins] Re: plone.org spamming problem

On Apr 25, 2009, at 2:18 AM, Godefroid Chapelle wrote:

> Ricardo Newbery wrote:
>> On Apr 24, 2009, at 1:10 PM, Ricardo Newbery wrote:
>>
>>>> This http://plone.org/search?portal_type%3Alist=Discussion+Item
>>>> gives a handy list but it would be more handy if we had some delete
>>>> shortcuts next to each entry.
>>>>
>>> Or perhaps even easier, add a "delete user and all comments" button
>>> action to the three buttons already available under each comment
>>> ("Reply" and "Remove").
>
> Done TTW.
>
> deleteUserAndComments python script
>     - in portal_skins custom layer
>     - protected to be callable only through POST
>
> plone.app.layout.viewlets/comment.pt
>     - customized in portal_view_customizations
>     - button "Remove author and all comments" shown only if user has
> "Manage portal" permission.
>
>>> Then you can use the above search result
>>> link, navigate to a suspicious comment to confirm it's bogus, and
>>> then delete everything from the user in less than two clicks.
>>
>>
>> I guess this might be better if sorted by create date...
>> http://plone.org/search?portal_type%3Alist=Discussion+Item&sort_on=created&sort_order=reverse
>
> Was a great idea : recent spam cleaned up now.
>
> I disabled the button for now as it would be too easy to delete a non
> spammer by clicking the wrong button... :-S
>
>>
>> Ric
> --  
> Godefroid Chapelle (aka __gotcha) http://bubblenet.be



Thanks Godefroid!

Just went through and deleted the latest batch of stupid.  Noticed  
that the delete failed a few times and had to try again.  Nothing  
showed up in the error_log.  Shrug.

Ric




Balazs Ree-2 () Re: [Admins] Re: plone.org spamming problem
On Saturday, 25 April 2009, at 09:32, Ricardo Newbery wrote:

> On Apr 25, 2009, at 8:56 AM, Balazs Ree wrote:
>
> > Something like the following would be sufficient I think:
> >
> >
> >    if text.lower().count('<a') > 20:
> >        raise RuntimeError("""Your comment contains illegal html
> >            markup. If you think this is an error, please file a
> >            ticket to http://foo.bar/blah with the exact text of the
> >            comment you wanted to add.""")
> >
> > --  
> > Balazs Ree
>
>
>
> You probably need to change '<a' to 'http://'.  Links are autogenerated.
>
> Another idea.  These look automated.  How about a captcha on the  
> account form?
Good too, but please act quickly or we'll be covered with spam faster
than you can imagine.

Note I'm not admin on plone.org, but if you need my help, find me on
irc.

ps. Godefroid, I did not follow the list before yesterday, just jumped
in because I saw the spam on the kss pages.


--
Balazs Ree


Ricardo Newbery-2 () Re: [Admins] Re: plone.org spamming problem

On Apr 25, 2009, at 9:46 AM, Balazs Ree wrote:

> On Saturday, 25 April 2009, at 09:32, Ricardo Newbery wrote:
>> On Apr 25, 2009, at 8:56 AM, Balazs Ree wrote:
>>
>>> Something like the following would be sufficient I think:
>>>
>>>
>>>   if text.lower().count('<a') > 20:
>>>       raise RuntimeError("""Your comment contains illegal html
>>>           markup. If you think this is an error, please file a
>>>           ticket to http://foo.bar/blah with the exact text of the
>>>           comment you wanted to add.""")
>>>
>>> --  
>>> Balazs Ree
>>
>>
>>
>> You probably need to change '<a' to 'http://'.  Links are  
>> autogenerated.
>>
>> Another idea.  These look automated.  How about a captcha on the
>> account form?
>
> Good too, but please act quickly or we'll be covered with spam faster
> than you can imagine.
>
> Note I'm not admin on plone.org, but if you need my help, find me on
> irc.
>
> ps. Godefroid, I did not follow the list before yesterday, just jumped
> in because I saw the spam on the kss pages.



I added a link filter to /portal_skins/custom/validate_talkback

Ric
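
The two defences discussed in this thread (rejecting link-heavy comments by counting bare URLs because links are autogenerated, and flagging users who post in bursts), as an added example that is not code from the thread or from plone.org. Only the 20-link threshold comes from the thread; the regexes, the flood window and limit, and the names `count_links`, `FloodTracker` and `validate_comment` are assumptions.

```python
import re
from collections import defaultdict, deque

MAX_LINKS = 20       # threshold proposed in the thread
FLOOD_WINDOW = 600   # seconds; assumed value
FLOOD_LIMIT = 5      # comments allowed per window; assumed value

# Bare URLs that an autolinker would turn into anchors. The lookbehind keeps
# "http://www.example.com" from being counted twice.
URL_RE = re.compile(r"https?://|(?<![/\w.])www\.", re.IGNORECASE)
# Literal anchor tags, in case raw HTML is submitted instead.
ANCHOR_RE = re.compile(r"<a[\s>]", re.IGNORECASE)


def count_links(text):
    """Count links in raw comment text; <a href="http://..."> counts once."""
    return max(len(URL_RE.findall(text)), len(ANCHOR_RE.findall(text)))


class FloodTracker:
    """Volatile, in-memory sliding window of comment timestamps per user."""

    def __init__(self, window=FLOOD_WINDOW, limit=FLOOD_LIMIT):
        self.window = window
        self.limit = limit
        self._seen = defaultdict(deque)

    def record(self, user, now):
        """Record one attempt; return True if the user exceeds the limit."""
        stamps = self._seen[user]
        stamps.append(now)
        # Drop timestamps that have aged out of the window.
        while stamps[0] <= now - self.window:
            stamps.popleft()
        return len(stamps) > self.limit


def validate_comment(user, text, now, tracker):
    """Return (accepted, flagged) for one submitted comment.

    Link-heavy comments are rejected outright. Floods are only flagged,
    so a moderator confirms before anything is deleted.
    """
    flooding = tracker.record(user, now)  # rejected attempts count too
    too_many = count_links(text) > MAX_LINKS
    return (not too_many, flooding or too_many)


if __name__ == "__main__":
    tracker = FloodTracker()
    # Constructed sample input, not taken from the real spam.
    link_fest = " ".join("http://spam%d.example/" % i for i in range(25))
    samples = [
        ("newuser1", link_fest, 0),
        ("alice", "KSS docs are at http://plone.org/documentation", 5),
    ]
    for user, text, ts in samples:
        print(user, validate_comment(user, text, ts, tracker))
```
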




