Re: Suggestions on countering spammers?

David A. Wheeler
 

Mark Rader:
What I’m thinking is when they create a project or account automatically send them an email with a passcode for verification so you do it for each new project.
I don't think that will be enough of a deterrent. The spammers are already willing to do an email confirmation.

One possibility would be to *require* a repo URL, and then require that it really be a public repo. In many cases it's easy to detect if a repo is really a repo (e.g., allow certain patterns of GitHub/GitLab URLs, and if that doesn't work, load that one page & see if it's repo of a recognized version control system). But that could cause more problems than it solves.

--- David A. Wheeler

Join CII-badges@lists.coreinfrastructure.org to automatically receive all group messages.