<html><head/><body><html><head></head><body>Surely Trac has captcha support?<br><br><div class="gmail_quote">"Bjoern A. Zeeb" <bzeeb-lists@lists.zabbadoz.net> wrote:<blockquote class="gmail_quote" style="margin: 0pt 0pt 0pt 0.8ex; border-left: 1px solid rgb(204, 204, 204); padding-left: 1ex;">
<pre style="white-space: pre-wrap; word-wrap:break-word; font-family: sans-serif; margin-top: 0px">On Fri, 15 Mar 2013, Lucy Lynch wrote:<br /><br /><blockquote class="gmail_quote" style="margin: 0pt 0pt 1ex 0.8ex; border-left: 1px solid #729fcf; padding-left: 1ex;">All -<br /><br />I've reset trac to require a log-in to create or append to a ticket.<br /><br />Hate to do this but many of you will see injections to old tickets this<br />am and this is the second time we've seen this kind of attack this week.<br /><br />Please ignore the tickets and we'll need to craft up text next time<br />to let folks know they can use their IETF log-in if they want to do<br />web submissions.</blockquote><br />Yeah I kept pondering things. Two options might be (whether we can<br />implement with trac is a different question but I can look at this):<br /><br />(1) only allow anonymous submissions from within the conference<br />network by web; would still allow anonymous submissions by em
ail<br
/><br />(2) add a captcha (if you are outside the conference network)<br /><br />(3) change a detail so that the default trac installation scripts of<br />spammers do not work anymore (paths, locations, names of<br />buttons, ..) << something possibly not maintainable easily.<br /><br />/bz<br /></pre></blockquote></div><br>
<br>
Nick Kukich<br>
VeriLAN, Inc.<br>
m +1.503.710.5115<br>
(sent from my mobile)</body></html></body></html>