On 12/4/06, Allen Gilliland <[EMAIL PROTECTED]> wrote:
+1 from me.
The only thing that I think is missing is a discussion of the difference
between a CommentAuthenticator and a CommentValidator and how they
relate to each other. The way I see it the difference is that a
CommentValidator cannot interact with the user, so it's basically an
automated spam prevention measure. A CommentAuthenticator can
authenticate with the user, like the math challenge or a CAPTCHA.
So we would keep the authenticator like we have now, and then add the
ability to define a chain of validators. And as for the order in which
they are processed, i dunno, the authenticator goes first followed by
the list of validators?
Good suggestion. I need to clarify the difference between the two.
And yes, I think you can have one authenticator and multiple validators.
- Dave
-- Allen
Dave wrote:
> Currently, we've got a couple of different ways to control comment
> spam in Roller.
>
> * Three levels of blacklist: comments that match blacklist are
> marked as spam
> o Built in blacklist: based on old unsupported MT blacklist
> o Site wide blacklist: global admin manages this blacklist
> o Website blacklist: each weblog can define a blacklist
>
> * Comment moderation: when enabled, comments must be approved by blog
> owner
>
> * CommentAuthentcator: determines if user is allowed to comment
> o You can plugin your own by implementing the comment
> authenticator interface
> o Default authenticator does nothing
> o Math Authenticator presents math question, verifies answer
> o CAPTCHA authenticator is possible too, but we don't ship one
>
> * Comment throttle: IP addresses that send rapid-fire comments are
> banned
>
> There are problems with each of those methods and even when combined
> they're not enough to control spam. We've discussed other ideas for
> comment spam control like forcing long comments into moderation,
> rejecting comments with too many links and rejecting comments judged
> by Akismet to be spam. Those are all good ideas, but if we start
> adding special rules ad hoc, we'll end up with a mess.
>
> What we need is way for Roller site administrators to define a chain
> of comment validators so that we and others can add comment spam
> processing rules, which are then treated in a uniform way in the
> Roller comment servlet.
>
> Read the rest here:
> http://rollerweblogger.org/wiki/Wiki.jsp?page=Proposal_CommentValidators
>
> Pease respond with comments here on the list.
>
> - Dave
