@hpvd opened this Issue on March 17th 2014

writing a ticket may be really annoying because of spamfilter behaviour:

every time writing a long ticket which contains by accident a blacklisted word and pressing the submit ticket button al things you have written are completely gone - uuurrggh
There should be an other way:
e.g.

  • disable spamfilter for people with more than 20posts
  • give message before everything is gone
  • ...
    ??
@hpvd commented on March 17th 2014

this happens regularly not only when writing a ticket but also when commenting on an existing ticket...

@anonymous-piwik-user commented on March 21st 2014

I could not post ticket, neither attach plain text file with intended content claiming:

Submission rejected as potential spam (Content contained these blacklisted patterns: '.{500}')

@robocoder commented on March 22nd 2014 Contributor

I removed the .{500} because spammers are already evading the long line regex.

@hpvd commented on March 22nd 2014

I think this is not solved.
This was only one example from hornbeam.
There are several more problematic things....

  • you sometimes were told the words are not ok e.g. mon-ey if needed while talking about google adds
  • sometimes you put to many links e.g. if you link to some other tickets or forum comments
    etc
@hpvd commented on March 22nd 2014

some more ideas what could be done without having a bad experience for ticket writers / bug reporters / comment writer etc.

In the area of Typo3 there are two (very similar working) extensions which have optimized the way to fight spam.
And they don't even use captchas..

Its using (sorry its german):

1) Java-Script check ... die meisten Bots verstehen kein Javascript
2) Honey-Pot ... Im Formular werden Felder per CSS versteckt. Die meisten bots fllen auch diese fr Menschen unsichtbaren Felder
3) Session Check ... manche bots senden Form-Daten ohne die Seite selbst zu laden
4) Session Min-Time Check ... manche Bots fllen Formulare sehr schnell
5) Session Max-Time Check ... manche Bots sind auch "langsam" bzw. verwenden eine alte session
6) Unique Check ... Bots geben gerne Information doppelt ein. Z.B. Name = Land
7) Form-Input Renaming ... Alle input Felder im Formular werden umbenannt. So wird es fr Bots nahezu unmglich herauszufinden in welches Feld wie sie die Felder fllen solln. So greifen dann die normalen Eingabe-Wert Prffunktionen auch gegen Spam. Besonders die Honey Pot Felder werden so besser versteckt.

from: http://www.typo3.net/forum/beitraege/diverse_sonstige_module/86222/

You can found the typo3 extension and its English documentation:
https://typo3.org/extensions/repository/view/spamshield

@robocoder commented on March 22nd 2014 Contributor

I looked at the spam monitoring logs, and the filters are very effective.

I'm sorry for the inconvenience of false positives, but for every false positive there are dozens of true positives.

@robocoder commented on March 22nd 2014 Contributor

You're welcome to submit your spam filter improvement ideas to the spam filter developers.
http://trac.edgewall.org/wiki/SpamFilter

@mattab commented on March 24th 2014 Owner

Maybe we will migrate to Github issues in the future...

Thanks @vipsoft for your great help managing spam!

This Issue was closed on March 24th 2014
Powered by GitHub Issue Mirror