CII-badges@lists.coreinfrastructure.org | Suggestions on countering spammers?

Home Messages Hashtags Subgroups

Topics

Date Date 1 - 6 of 6

Suggestions on countering spammers?

David A. Wheeler #554 Sadly, spammers have started to add nonsense "projects" to the CII Best Practices site at a higher rate than before. It appears to be all SEO-related fraud. I suppose that was inevitable, and I guess it's good that we're "worth" their time. If anyone has ideas on how to automatically help counter spammers, please let us know via reply to this mailing list, private email, or this issue: https://github.com/coreinfrastructure/best-practices-badge/issues/1377 Thanks! --- David A. Wheeler
More All Messages By This Member
Mark Rader #555 Require them to validate their email address. toggle quoted messageShow quoted text On Dec 20, 2019, at 11:13 AM, David A. Wheeler <dwheeler@ida.org> wrote: Sadly, spammers have started to add nonsense "projects" to the CII Best Practices site at a higher rate than before. It appears to be all SEO-related fraud. I suppose that was inevitable, and I guess it's good that we're "worth" their time. If anyone has ideas on how to automatically help counter spammers, please let us know via reply to this mailing list, private email, or this issue: https://github.com/coreinfrastructure/best-practices-badge/issues/1377 Thanks! --- David A. Wheeler
More All Messages By This Member
David A. Wheeler #556 Mark Rader: Require them to validate their email address. Good idea, but for local accounts we already do that, and I believe GitHub also requires email validation for their accounts. So we're going to have to go beyond that. --- David A. Wheeler
More All Messages By This Member
Trevor Vaughan #557 Pretty sure if you report them the GitHub they'll get banned. toggle quoted messageShow quoted text On Fri, Dec 20, 2019 at 3:14 PM David A. Wheeler <dwheeler@...> wrote: Mark Rader: > Require them to validate their email address. Good idea, but for local accounts we already do that, and I believe GitHub also requires email validation for their accounts. So we're going to have to go beyond that. --- David A. Wheeler -- Trevor Vaughan Vice President, Onyx Point, Inc (410) 541-6699 x788 -- This account not approved for unencrypted proprietary information --
More All Messages By This Member
Mark Rader #558 What I’m thinking is when they create a project or account automatically send them an email with a passcode for verification so you do it for each new project. toggle quoted messageShow quoted text On Dec 20, 2019, at 2:14 PM, Wheeler, David A <dwheeler@ida.org> wrote: Mark Rader: Require them to validate their email address. Good idea, but for local accounts we already do that, and I believe GitHub also requires email validation for their accounts. So we're going to have to go beyond that. --- David A. Wheeler
More All Messages By This Member
David A. Wheeler #559 Mark Rader: What I’m thinking is when they create a project or account automatically send them an email with a passcode for verification so you do it for each new project. I don't think that will be enough of a deterrent. The spammers are already willing to do an email confirmation. One possibility would be to require a repo URL, and then require that it really be a public repo. In many cases it's easy to detect if a repo is really a repo (e.g., allow certain patterns of GitHub/GitLab URLs, and if that doesn't work, load that one page & see if it's repo of a recognized version control system). But that could cause more problems than it solves. --- David A. Wheeler
More All Messages By This Member

1 - 6 of 6

1

Previous Topic Next Topic

Home Messages Hashtags Subgroups Terms