Hi, On Mon, Jun 22, 2009 at 7:47 AM, MJ Ray<m...@phonecoop.coop> wrote: > Jean-André Santoni <jeanandre.sant...@biblibre.com> wrote: >> This antispam is based on Mollom. You will need to register and get an API >> key to access it, then set the Mollom* sysprefs. > > This patch will open a denial-of-service exploit, see comment on > http://bugs.koha.org/cgi-bin/bugzilla3/show_bug.cgi?id=3144 > >> This patch only use the statistic way to filter spam. A future patch could >> add a captcha if Mollom can't determinate if content is spam or ham. > > Can you explain this comment, please? I don't see any code disabling > Mollom's eyetests and hearing tests (which are not CAPTCHAs because > they class some humans as computers erroneously).
As this patch does not actually implement a CAPTCHA of any sort, it is hardly surprising that you are not seeing code disabling such features. My main concern with this patch is that there needs to be an abstraction layer, no matter how thin, for spam filtering before we start adding in support for specific services like Mollom. A simple class in C4 that can delegate a spam/ham decision should be sufficient. We have a big enough mess with the current state of support for enhanced content providers without any kind of abstraction layer, so I'd like to take this opportunity for us to not fall into a similar trap. Regards, Galen -- Galen Charlton VP, Research & Development, LibLime galen.charl...@liblime.com p: 1-888-564-2457 x709 skype: gmcharlt _______________________________________________ Koha-patches mailing list Koha-patches@lists.koha.org http://lists.koha.org/mailman/listinfo/koha-patches
