Community mailing list archives

Re: Forum hackers

Olivier Dony (odo)
- 10/16/2014 05:48:14
On 10/16/2014 10:48 AM, Lionel Sausin wrote:
> How useful can it be to relay their spam to the community list, where nobody
> can do anything about it?
> Please get in touch with Odoo SA - I'm CC'ing Olivier Dony, he's probably the
> person who can help.

Thank you Lionel.

Stephen, as was explained already, they are simply spammers who took the time 
to make accounts just for the purpose of spamming.

All the accounts involved were deactivated (they cannot login anymore, but it 
will not prevent them from making new accounts of course).

Our signup process is very open *on purpose*, because we prefer to make life 
easier for all the real users and customers out there (no captcha and similar 
annoyances). The forum is actively moderated by its users anyway, so the damage 
is very little in the end - except for wasting the time of moderators indeed.
Our signup process is also new and unique, so having a captcha or email 
validation step would probably not stop them - they have taken the time to 
register a few accounts and are reusing them. It seems most of these spams are 
coming from the same source in Africa, and it only takes one!
So adding those measures would not be very effective in preventing spam, while 
being a *real* annoyance for the legit users out there.

What would probably stop them is if their message did not get mass visibility 
immediately, for example if we implemented a moderation queue that required all 
first posts to be reviewed by someone else - like it is done on Stack Overflow. 
In that case the spam would only reach 1 person before being stopped, making it 
a waste of time for them.
But we have also a lot of first time posters on Odoo Help, and having their 
first post delayed might be hard for them...

We'll be discussing the options within R&D and will keep you posted.

Thanks a lot for your energy and time spent on Odoo Help - the users really 
appreciate it!