POLL, please comment if you have an opinon:

Codeberg.org is being spammed by users using one-time/disposable email services and TOR connections. These spam projects with thousands of bogus issue comments, cause pain for project owners, and spam their notification email inbox. Also, Codeberg's SMTP reputation is harmed.

We consider disabling access via TOR and one-time email providers to maintain smooth operation for all users.

What do you think? Is there a better approach?
Please have your say.

@codeberg If they use the same disposable mail address multiple times, maybe restricting such addresses to be used no more than once (or twice) per day (in the hope "creating new ones" is an effort they won't make too often)? Or do that with the combination of the address and TOR? IDK, but disabling both completely might harm other "legit uses". And no, I won't mention Captchas (unless you count "hidden input fields" which, when filled, tell you it's a bot).

Follow

@IzzyOnDroid @codeberg

A quick hack that we once employed, is to put a delay in delivering mail (to certain domains).

We mostly did that to spread the load,though. But it helped a lot when bots had to wait 1 to 20 hours before receiving the confirmation emails. Needs to be clearly communicated, though.

@berkes @IzzyOnDroid Emails are already throttled, could refine this a bit, tho. General problem is that new accounts are created easily, with throwaway-IDs (anonymous or pseudonymous).

Question is mostly if there is a practicable way to stop abuse without completely disallowing anonymous accounts.

@codeberg @berkes Maybe if "throw-aways" have to mail-confirm each post – with the mail containing a "phrased captcha", requiring to set the subject line in a specific way – or something like that?

@IzzyOnDroid @codeberg @berkes that's easier automated than done manually. So everyone suffers for no gain.

@codeberg @berkes @izzyondroid You're dealing with human beings. 100% stopping abuse is never going to happen unless you unplug the server. The best we can hope for is to frustrate bad (or in this case, stupid) actors.
Sign in to participate in the conversation
Bitcoin Mastodon

The social network of the future: No ads, no corporate surveillance, ethical design, and decentralization! Own your data with Mastodon!