Ticket #819 (new maintenance)

Opened 2 years ago

Last modified 2 years ago

Trac anti-spam measures

Reported by: chris Owned by: chris
Priority: major Milestone: Maintenance
Component: Trac Keywords:
Cc: ed Estimated Number of Hours: 0.0
Add Hours to Ticket: 0 Billable?: yes
Total Hours: 0.77

Description

Today we had our first item of Trac spam, ticket:818, since the open email interface was enabled almost 2 years ago on ticket:494.

This ticket has been created to investigate and implement some anti-spam measures.

Change History

comment:1 Changed 2 years ago by chris

  • Add Hours to Ticket changed from 0.0 to 0.77
  • Total Hours changed from 0.0 to 0.77

There is the SpamFilter plugin but that is for spam bots editing via the web interface.

Following https://oss.trac.surfsara.nl/email2trac/wiki/Email2tracConfiguration#Spam there is the option to look for spam headers added by the mail server, however the mx.webarch.net server adds headers in this format:

X-elderberry.rat.burntout.org-Spam-Score: 5.6 (+++++)

Where as email2trac "Email2trac counts the number of * characters in the spam_header line", so without either changing the email2trac regex or the manner in which the mailserver flags spam we can't use this option.

Looking at the other config options we can whitelist so I have changed this settings in /etc/email2trac.conf:

white_list_registered_users: 1

We can also add additional email addresses, in the case where someone sends a email to Trac using a different email address, via white_list.

Sorry this took a while to track down this setting, hopefully this will do the job!

Last edited 2 years ago by chris (previous) (diff)

comment:2 Changed 2 years ago by ed

good work chris - whitelist the best thing - can't wait to get on for TNv3

Note: See TracTickets for help on using tickets.