POLL, please comment if you have an opinon:
Codeberg.org is being spammed by users using one-time/disposable email services and TOR connections. These spam projects with thousands of bogus issue comments, cause pain for project owners, and spam their notification email inbox. Also, Codeberg's SMTP reputation is harmed.
We consider disabling access via TOR and one-time email providers to maintain smooth operation for all users.
What do you think? Is there a better approach?
Please have your say.
@codeberg Maybe some text analysis could help? For example if more than 10 issues are created with at least 90% matching contents, automatically mark it as spam and make users request approval in some way.
Maybe you could also setup spamassassin on your outgoing server and have it learn what the spam messages look like to limit email spam, but that won't get rid of the issues that are created inside gitea.
@hugot This particular spammer was posting the content of random-not-so-random birdsite posts.
@codeberg Right. This needs some thought. You want to stay accessible to software users who just want to create an account and make an issue right away so a lot of manual setup for users or blocking tor would suck.
I think you need a solution that lets new users participate, but lets existing users maintain the peace of codeberg.org.
@codeberg How about this:
- New users are allowed to create a maximum of X issues/comments per 24 hours through the web UI by default. No API use allowed.
- Optional: They are allowed to use the API to create issues on their own repos, but creating them on other repo's is not allowed.
- To be allowed to use the API and create more than X issues per 24h, a user needs to be approved by at least 2 already approved users.
@codeberg You'd need to make some sort of UI for users to grant/request approval but with something like this in place you can let your users take care stuff as a community.
Amsterdam based mastodon instance for the Dutch community, but open to anyone. Primary languages Dutch and English.