+1 from me.
The only thing that I think is missing is a discussion of the difference
between a CommentAuthenticator and a CommentValidator and how they
relate to each other. The way I see it the difference is that a
CommentValidator cannot interact with the user, so it's basically an
automated spam prevention measure. A CommentAuthenticator can
authenticate with the user, like the math challenge or a CAPTCHA.
So we would keep the authenticator like we have now, and then add the
ability to define a chain of validators. And as for the order in which
they are processed, i dunno, the authenticator goes first followed by
the list of validators?
-- Allen
Dave wrote:
Currently, we've got a couple of different ways to control comment
spam in Roller.
* Three levels of blacklist: comments that match blacklist are
marked as spam
o Built in blacklist: based on old unsupported MT blacklist
o Site wide blacklist: global admin manages this blacklist
o Website blacklist: each weblog can define a blacklist
* Comment moderation: when enabled, comments must be approved by blog
owner
* CommentAuthentcator: determines if user is allowed to comment
o You can plugin your own by implementing the comment
authenticator interface
o Default authenticator does nothing
o Math Authenticator presents math question, verifies answer
o CAPTCHA authenticator is possible too, but we don't ship one
* Comment throttle: IP addresses that send rapid-fire comments are
banned
There are problems with each of those methods and even when combined
they're not enough to control spam. We've discussed other ideas for
comment spam control like forcing long comments into moderation,
rejecting comments with too many links and rejecting comments judged
by Akismet to be spam. Those are all good ideas, but if we start
adding special rules ad hoc, we'll end up with a mess.
What we need is way for Roller site administrators to define a chain
of comment validators so that we and others can add comment spam
processing rules, which are then treated in a uniform way in the
Roller comment servlet.
Read the rest here:
http://rollerweblogger.org/wiki/Wiki.jsp?page=Proposal_CommentValidators
Pease respond with comments here on the list.
- Dave
