Spam: Difference between revisions
No edit summary |
|||
Line 37: | Line 37: | ||
$wgEmailConfirmToEdit = true; | $wgEmailConfirmToEdit = true; | ||
to force confirmation of email. | to force confirmation of email. I've also added [http://www.mediawiki.org/wiki/Extension:ConfirmAccount ConfirmAccount] | ||
There is no automated way to ban users or delete posts, so you have to do that manually unfortunately. | There is no automated way to ban users or delete posts, so you have to do that manually unfortunately. | ||
For cleanup I have installed [http://www.mediawiki.org/wiki/Extension:AbuseFilter AbuseFilter] | For cleanup I have installed [http://www.mediawiki.org/wiki/Extension:AbuseFilter AbuseFilter] and [http://www.mediawiki.org/wiki/Extension:NukeDPL NukeDPL] |
Latest revision as of 19:09, 6 March 2011
BSD
On OpenBSD this should work out of the box. On FreeBSD you have to mount a fdescfs(5) filesystem in order to get this working. There is an effective way to block spam using pf and spamd (OpenBSD's version, not SpamAssassin's). These are taken directly from Bob Beck's slide presentation at BSDCAN 2005
in pf.conf (note variables):
table <spamd> persist no rdr on { lo0, lo1 } from any to any rdr inet proto tcp from <spamd> to any port smtp -> 127.0.0.1 port 8025 table <spamd-white> persist rdr pass inet proto tcp from !<spamd-white> to any port smtp -> 127.0.0.1 port 8025 pass in log on $ext_if inet proto tcp to $Mail_servers port smtp keep state pass out log on $ext_if inet proto tcp from $Mail_servers to any port smtp keep state
and add the cronjob:
*/30 * * * * /usr/local/sbin/spamd-setup
Also probably worth your time to check out your spamd.conf although it shouldn't require modification to work out of the box.
Now moving on to the Testing:Process.
Mediawiki
As this server was attacked by spambots, I'll let you know of some of the resolutions that worked. First, make sure you're using the latest version of Mediawiki, older versions were easier to abuse.
Download the latest ConfirmEdit. In LocalSettings.php after getting your ReCaptcha keys:
require_once( "$IP/extensions/ConfirmEdit/ConfirmEdit.php" ); require_once( "$IP/extensions/ConfirmEdit/ReCaptcha.php" ); $wgReCaptchaPublicKey = 'yourpublickeyhere'; $wgReCaptchaPrivateKey = 'yourprivatekeyhere'; $wgCaptchaClass = 'ReCaptcha';
Put this in LocalSettings.php:
$wgEmailConfirmToEdit = true;
to force confirmation of email. I've also added ConfirmAccount
There is no automated way to ban users or delete posts, so you have to do that manually unfortunately.
For cleanup I have installed AbuseFilter and NukeDPL