[pmwiki-users] Core Spam Blcok Thoughts

[Neil Herber]

At 2006-04-05  01:07 PM -0500, Wendell Brown is rumored to have said:
>Adding a spam block to the core that is turned off by default or 
>with a default basic block list is going to be a major help to those 
>of us that maintain our wiki's, but it's not going to cut down on 
>overall abuse of pmwiki by spammers.

Wendell

I don't see how MTBlocklist addresses this problem better than 
Blocklist2. By this problem, I mean having blocklist code that is 
turned off by default or blocklists that are not maintained. Although 
MTBlocklist *may* appear to address the latter, I note that it 
stopped working at one point when the remote blocklist server died or 
was killed.

What it really boils down to, is that websites or wikis or blogs that 
aren't looked after become prey to spammers.

I think blocklist capability of some sort should be built-in to 
PmWIki, and the easiest one to control and understand is a blocklist 
that the admin creates and looks after themselves. Remote blocklists 
can be added as a recipe.

Because virtually all wiki spam is an attempt to raise search engine 
ranks, blocklists that detect URLs or URL fragments are by far the 
most effective. For one thing, it is much more trouble for the 
spammer to change domains (defeats the spam in place, too) than it is 
to adjust the text of a "message" or to change posting IPs.

Whatever mechanism is used, it should be off by default. This runs 
completely counter to the security maxim that all doors should be 
locked by default and only opened as and when needed. But a wiki that 
isn't open isn't a wiki - its a CMS. ;-)


Neil

Neil Herber
Corporate info at http://www.eton.ca/
Eton Systems, 15 Pinepoint Drive, Nepean, ON, Canada K2H 6B1
Tel: (613) 829-4668