« Django on a PDA
007’s laptop »

Django, Trac and Spam

The Django project’s installation of Trac seems to be suffering from an ever-worsening spam problem. I checked the project timeline for 27 October and saw 32 tickets reopened by spammers, compared with 2 legitimate new tickets reporting defects, and 2 changesets. How difficult would it be, I wonder, to prevent this with a captcha-based system of some sort?

Googling suggests that there’s been some discussion of captchas within the Trac project, but that incorporation of such a system into Trac won’t be possible until the 0.11 release. The 0.10 release, however, allows the use of the SpamFilter plugin, which supports regex filtering, IP blacklisting and Akismet. Is Django’s Trac site using this to the full extent possible (or using it at all)?

I suppose the other solution would be to restrict the Trac site to registered users only. Personally, I wouldn’t have a problem with that.

This entry was posted on Saturday, October 28th, 2006 at 11:27 am and is filed under Django. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

3 Responses to “Django, Trac and Spam”

  1. Sam Newman Says:
    October 30th, 2006 at 5:10 pm

    You can tie Trac down to limit the permissions of anonymous users - that way only logged in people can edit tickets, but anonymous people can view them.

    Even better would be to create a simple form for submitting tickets for anonymous people using a capatcha

  2. Sam Newman Says:
    October 30th, 2006 at 5:12 pm

    Oh, I suppose you could also stick trac behind mod_security setup to filter using a blackhole list…

  3. Nick Says:
    October 30th, 2006 at 8:20 pm

    Sam,

    Limiting the permissions of anonymous users in the way you describe is worth trying for the Django site, in my opinion.

Leave a Reply