Marco, Here are 3 more that I think you missed. http://svn.gregarius.net/trac/search?q=dynu Thanks Sameer On Fri, Nov 25, 2005 at 11:06:03PM +0100, Marco Bonetti wrote: > Date: Fri, 25 Nov 2005 23:06:03 +0100 > From: Marco Bonetti <mbonetti at gmail.com> > To: gregarius-dev at sinless.org > Subject: Re: [greg-dev] spam in the trac tickets > Reply-To: gregarius-dev at sinless.org > > Thanks for the account data, Timo. > > Since I don't have enough permissions to install sqlitemanaget I've > manually deleted the spam comments from the trac database. > > Reminder for future cleanups: > delete from ticket_change where ticket=183 and newvalue like '%http%'; > > Please alert me of any other spam comment you may notice. > > > And, as a matter of fact, of the seven deleted spam message, the first > two came from 148.244.150.xxx (Mexico) and the latter from > 195.175.37.xxx (Turkey) > > I think that running "sudo iptables -I INPUT -s 195.175.37.0/24 -j > DROP" on the svn server would be a good short-term strategy. > > -m > > > > On 11/25/05, Sameer D'Costa <sameerslists at gmail.com> wrote: > > Hi Timo, > > Thanks for doing this. If needed, I am willing to babysit the trac > > installation for routine things like deleting spam. My IM contacts are > > available if you click on my username in the forums. > > > > The other spam ticket on the trac website is at > > http://projects.edgewall.com/trac/ticket/1145 > > It doesnt look very promising.... > > > > Sameer > > > > > > > > On Fri, Nov 25, 2005 at 09:16:53PM +0100, SUGLIANI Timo wrote: > > > > > Date: Fri, 25 Nov 2005 21:16:53 +0100 > > > From: SUGLIANI Timo <rannis at free.fr> > > > To: gregarius-dev at sinless.org > > > Subject: Re: [greg-dev] spam in the trac tickets > > > Reply-To: gregarius-dev at sinless.org > > > > > > Hi all, > > > > > > I was thinking about some of these solutions too, but first of all to > > > keep clear, this server is used by some more projects, so i can't just > > > fix trac here, then here just for this purpose, it's also a packaged > > > trac version from debian "stable" release, so it's would actually > > > be system-wide changes. > > > > > > The IP ban possibility and apache configuration will not be possible > > > on this server, but as i just told, anything in "gregarius" userspace > > > is possible :) (for example installing sqlitemanager for now and > > > deleting manually every spam until trac correct this ;) or another > > > hack based on trac 0.9 like captchas if you wanna try it, etc...) > > > > > > At the moment i don't have "much time" to work on this but Marco, > > > I will forward you an ssh account for this project :) If you have > > > some time just do as you please :) > > > > > > Anyway you could forward me your "im" contacts too ;) it would be > > > easier to ask me anything quickly :) > > > > > > I'm "complaining" on the trac website about this issue too it this > > > ticket for the possibility to edit/delete comments, if you want to > > > follow it : > > > http://projects.edgewall.com/trac/ticket/454 > > > > > > There is another ticket about spam but the link is at work, i will post > > > it later ;) (just search anyway it should be findable) > > > > > > SUGLIANI Timo. > > > > > > PS: check your mail, account informations should be mailed soon. > > > > > > > > > Marco Bonetti wrote: > > > >Timo, List, hello. > > > > > > > >I've been discussing this issue with Sameer over IM, and here is quick > > > >summary of the different options we have: > > > > > > > >* Clean the trac database with a tool like this one: > > > >http://sourceforge.net/projects/sqlitemanager/ > > > >Since we're not getting *that* much spam yet, this could be a viable > > > >solution. > > > > > > > >Timo, could you install that tool on the svn server and password-protect > > > >it? > > > > > > > > > > > >* Hack trac and add a captcha to the key forms. I could take care of > > > >this, I think. > > > > > > > >* Ban spammers on an IP basis. This is unreliable, actually. We'd have > > > >to take a look at apache's logfile and see where the spammers have > > > >been coming from. > > > > > > > >* Ban spammers at apache configuration level, by checking the POST > > > >data against some keywords. This is rather effective, and doesn't > > > >require much work. > > > > > > > >* Hide the Trac web interface behind a HTTP Basic Auth form and give > > > >out the password to everyone, hoping the spams are automated and not > > > >hand-crafted. > > > > > > > > > > > > > > > >What do you guys think of these solutions? Timo, do you think I could > > > >get ssh access to the server and take a look around? > > > > > > > > -m > > > > > > > >_______________________________________________ > > > >gregarius-dev mailing list > > > >gregarius-dev at sinless.org > > > >http://sinless.org/mailman/listinfo/gregarius-dev > > > > > > > _______________________________________________ > > > gregarius-dev mailing list > > > gregarius-dev at sinless.org > > > http://sinless.org/mailman/listinfo/gregarius-dev > > _______________________________________________ > > gregarius-dev mailing list > > gregarius-dev at sinless.org > > http://sinless.org/mailman/listinfo/gregarius-dev > > > > _______________________________________________ > gregarius-dev mailing list > gregarius-dev at sinless.org > http://sinless.org/mailman/listinfo/gregarius-dev