[ Date Index ] [ Thread Index ] [ <= Previous by date / thread ] [ Next by date / thread => ]
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Neil Williams wrote: > On Fri, 16 Apr 2010 19:12:35 +0100 > Neil Williams <linux@xxxxxxxxxxxxxx> wrote: > >> Most importantly, this change is not open for negotiation. I am not >> open to protest or complaint and replies of annoyance will be ignored >> - if your response is not constructive, don't send it. The abuse of a >> few have caused permanent and irrevocable harm to all; blame the >> spammers using our site to push illegal content, not me. The DCGLUG site >> is not Wikipedia, we don't have the resources to deal with automated >> abuse. > > Just to note that those who caused the original abuse are continuing to > attempt to access their content and create new content and only two > genuine members were affected by the change. (Indeed, attempts are > increasing slightly.) > > I think that the future for website accounts should be: > > 1. Join the mailing list first - or be personally known to an existing > admin. > > 2. Post to the mailing list using your full real name and from the same > email address as would be used for the website. A series of posts > should be required - enough to rule out "I feel lucky" hits. > > 3. Request an account based on the evidence in the list archive. New > accounts created with minimal privileges. > > This idea *is* up for discussion - I'm open to adjustments that make it > less likely to put off genuine members without allowing any false > positives. Sorry, but the assumption has to be "guilty until proven > innocent" with regard to new accounts and spamming. "Due process" just > takes too much time and produces vast amounts of spam inside the site. > > Once such requests start to come in, "authenticated users" (the lowest > level of privilege inside the site) can be given minimal permissions > (like creating new pages and editing their own pages but not being > allowed to create new books). > > If this is acceptable, it can go onto the "Join DCGLUG" page, with a > short comment about why this restriction is necessary. > > I think if it helps improve security, and also reduces spam then this is worth it, ok it may be extra hoops but its better in the long term and with more meetings it may be possible to improve things further. Paul - -- Paul Sutton www.zleap.net Ubuntu 10.04 is out soon : Visit www.ubuntu.com for details DCGLUG MEETINGS - Details on www.dcglug.org.uk/ - please click on Group meetings link on right hand side Aged 11 - 19 then dfey may be for you, please goto http://www.dfey.org for more details -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkvKAssACgkQaggq1k2FJq3fJgCggOjychXs81sChFSfpqaWsGgT GIEAniY6cFwPUuCZMEUisf5JYHV/kUWo =2yXi -----END PGP SIGNATURE----- -- The Mailing List for the Devon & Cornwall LUG http://mailman.dclug.org.uk/listinfo/list FAQ: http://www.dcglug.org.uk/linux_adm/list-faq.html