Edgewall Software
Modify

Opened 10 years ago

Closed 9 years ago

Last modified 9 years ago

#11556 closed enhancement (wontfix)

just some interesting ideas from other spam fighting projects

Reported by: hpvd Owned by: Dirk Stöcker
Priority: normal Milestone:
Component: plugin/spamfilter Version:
Severity: normal Keywords:
Cc: Branch:
Release Notes:
API Changes:
Internal Changes:

Description

you already use lots of spam fighting methods but there may be some easy to implement ideas in other projects…

all without having a bad experience for ticket writers / bug reporters / comment writer etc.

In the area of Typo3 there are two (very similar working) extensions which have optimized the way to fight spam. And they don't even use captchas..

Its using (sorry its german):

1) Java-Script check … die meisten Bots verstehen kein Javascript

2) Honey-Pot … Im Formular werden Felder per CSS versteckt. Die meisten bots füllen auch diese für Menschen unsichtbaren Felder

3) Session Check … manche bots senden Form-Daten ohne die Seite selbst zu laden

4) Session Min-Time Check … manche Bots füllen Formulare sehr schnell

5) Session Max-Time Check … manche Bots sind auch "langsam" bzw. verwenden eine alte session

6) Unique Check … Bots geben gerne Information doppelt ein. Z.B. Name = Land

7) Form-Input Renaming … Alle input Felder im Formular werden umbenannt. So wird es für Bots nahezu unmöglich herauszufinden in welches Feld wie sie die Felder füllen solln. So greifen dann die normalen Eingabe-Wert Prüffunktionen auch gegen Spam. Besonders die Honey Pot Felder werden so besser versteckt.

from: ​http://www.typo3.net/forum/beitraege/diverse_sonstige_module/86222/

You can found the typo3 extension and its English documentation: ​https://typo3.org/extensions/repository/view/spamshield

Attachments (0)

Change History (4)

comment:1 by Jun Omae, 10 years ago

Component: generalplugin/spamfilter
Milestone: plugin - spam-filter
Owner: set to Dirk Stöcker

comment:2 by Dirk Stöcker, 10 years ago

2 and 3 are already done and very effective.

1, 4 and 5 could probably be added and 1 maybe could help a bit to reduce rejection rate for valid users - 4 and 5 I don't see much potential.

6 and 7 don't fit in the infrastructure very well and I don't see a benefit thus.

Trac data is a bit different from wiki and cms, so some of the tests based on the data don't work well for Trac.

I'll think about a javascript test thought.

comment:3 by Dirk Stöcker, 9 years ago

Resolution: wontfix
Status: newclosed

Wont implement a Javascript test.

comment:4 by Ryan J Ollos, 9 years ago

Milestone: plugin - spam-filter

Milestone unset per TracTicketTriage#Milestone.

Last edited 9 years ago by Ryan J Ollos (previous) (diff)

Modify Ticket

Change Properties
Set your email in Preferences
Action
as closed The owner will remain Dirk Stöcker.
The resolution will be deleted. Next status will be 'reopened'.
to The owner will be changed from Dirk Stöcker to the specified user.

Add Comment


E-mail address and name can be saved in the Preferences .
 
Note: See TracTickets for help on using tickets.