[Koha-patches] [PATCH] [3.0.x](bug #3144) Added antispam filter for anonymous suggestions
Galen Charlton
galen.charlton at liblime.com
Mon Jun 29 17:08:49 CEST 2009
Hi,
On Mon, Jun 22, 2009 at 7:47 AM, MJ Ray<mjr at phonecoop.coop> wrote:
> Jean-André Santoni <jeanandre.santoni at biblibre.com> wrote:
>> This antispam is based on Mollom. You will need to register and get an API key to access it, then set the Mollom* sysprefs.
>
> This patch will open a denial-of-service exploit, see comment on
> http://bugs.koha.org/cgi-bin/bugzilla3/show_bug.cgi?id=3144
>
>> This patch only use the statistic way to filter spam. A future patch could add a captcha if Mollom can't determinate if content is spam or ham.
>
> Can you explain this comment, please? I don't see any code disabling
> Mollom's eyetests and hearing tests (which are not CAPTCHAs because
> they class some humans as computers erroneously).
As this patch does not actually implement a CAPTCHA of any sort, it is
hardly surprising that you are not seeing code disabling such
features.
My main concern with this patch is that there needs to be an
abstraction layer, no matter how thin, for spam filtering before we
start adding in support for specific services like Mollom. A simple
class in C4 that can delegate a spam/ham decision should be
sufficient. We have a big enough mess with the current state of
support for enhanced content providers without any kind of abstraction
layer, so I'd like to take this opportunity for us to not fall into a
similar trap.
Regards,
Galen
--
Galen Charlton
VP, Research & Development, LibLime
galen.charlton at liblime.com
p: 1-888-564-2457 x709
skype: gmcharlt
More information about the Koha-patches
mailing list