<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta content="text/html; charset=ISO-8859-1"
http-equiv="Content-Type">
</head>
<body bgcolor="#ffffff" text="#000000">
Chris,<br>
Yes, there is a reason. Open publishing is required for IMCs as a
matter of principle. So we need to have something that allows people
to post and comment anonymously that goes straight to full view.<br>
<br>
I know virtually nothing about the backend, but that's the policy
side of things. Lots of ways to interpret and implement this,
however.<br>
<br>
Lots of things would be easier about editing would be far easier
without anon publishing. However, I think it is something we've
always been committed to. Such complexities are why I've been
keeping notes and outlining what I need to present to those who want
to help catch written policy up with empirical policy. There are
several different ideas of how to deal with this in terms of how
different IMCs have dealt with it, although I've done no surveys of
the current status of how this is dealt with right now at various
IMCs. Implementation has varied considerably for the user, so I
suspect that the code is similarly diverse. Within the Principles of
Unity, I think we're in a position to come up with something that
will fit locally policy wise. <br>
<br>
That's a lot of work, though. We need to do it eventually, but
that's more a matter of choice provided there's not a technical
reason to do something sooner.<br>
<br>
You have the power as a Tech admin to decide if anon publishing
needs to be shut down as an emergency measure. It's happened before,
but a long time ago, so don't remember any details. Use your best
judgment and we'll work through things if it turns out it needs to
be less temporary than anticipated.<br>
Mike Lehman<br>
<br>
On 5/1/2011 7:17 PM, Chris Ritzo wrote:
<blockquote
cite="mid:BANLkTi=FpSuUQEP+-bDRH7f8t+H2BKy30A@mail.gmail.com"
type="cite">While attempting to configure the new spam module, I
found that there is an issue with the way we are doing proxy
caching which is causing issues with the way the module is
supposed to work. More spam was coming through, so here's the
actions I took:<br>
- disabled Mollom, re-enabled reCaptcha<br>
- disabled anonymous posting, at least temporarily- discussion
following..<br>
<br>
I suspect that there is a reason we have allowed anonymous
postings, and I'd like to hear what that reason is as a part of
the discussion on revamping the website. <br>
<br>
My personal feeling is that I'm not sure it's really necessary to
allow completely anonymous users to post to the site, essentially
requiring us to monitor and control for spam like this. Since
logged in users can change the "author" of the post to appear as
anonymous, I suggest that we make it apparent that this can be
done in the redesign, and require people to register on the
website in order to post comments, stories, etc.<br>
<br>
Thoughts? -CR<br>
<br>
<div class="gmail_quote">On Sun, May 1, 2011 at 6:09 PM, Chris
Ritzo <span dir="ltr"><<a moz-do-not-send="true"
href="mailto:chris.ritzo@gmail.com">chris.ritzo@gmail.com</a>></span>
wrote:<br>
<blockquote class="gmail_quote" style="margin: 0pt 0pt 0pt
0.8ex; border-left: 1px solid rgb(204, 204, 204);
padding-left: 1ex;">
I just changed the settings so all forms use mollom's captcha
not textual analysis. let me know if the spam continues.<br>
<font color="#888888"><br>
Chris</font>
<div>
<div class="h5"><br>
<br>
<div class="gmail_quote">
On Sun, May 1, 2011 at 5:22 PM, Mike Lehman <span
dir="ltr"><<a moz-do-not-send="true"
href="mailto:rebelmike@earthlink.net"
target="_blank">rebelmike@earthlink.net</a>></span>
wrote:<br>
<blockquote class="gmail_quote" style="margin: 0pt 0pt
0pt 0.8ex; border-left: 1px solid rgb(204, 204, 204);
padding-left: 1ex;">
<div bgcolor="#ffffff" text="#000000"> With my set-up,
when I'm not signed into my account I can see a link
to the Mollom privacy policy, but do not see any
actual captchas.<br>
<br>
Could be unrelated, but we're getting a bunch of
mortgage spam over the last couple of hours.<br>
<font color="#888888"> Mike Lehman</font>
<div>
<div><br>
<br>
On 5/1/2011 3:33 PM, Chris Ritzo wrote:
<blockquote type="cite">all: <br>
I've just switched the IMC site from the
reCaptcha module to the Mollom module. All
forms that are exposed to non-authenticated
users should now be protected either by
captchas or by Mollom's textual analysis.. For
those monitoring posts, I'm hoping this
reduces the amount of spam posts that you see.
please confirm if you note this.<br>
<br>
Thanks,<br>
Chris<br>
<br>
<div class="gmail_quote">On Fri, Apr 29, 2011
at 3:05 PM, Mike Lehman <span dir="ltr"><<a
moz-do-not-send="true"
href="mailto:rebelmike@earthlink.net"
target="_blank">rebelmike@earthlink.net</a>></span>
wrote:<br>
<blockquote class="gmail_quote"
style="margin: 0pt 0pt 0pt 0.8ex;
border-left: 1px solid rgb(204, 204, 204);
padding-left: 1ex;">
<div bgcolor="#ffffff" text="#000000">
Found a little info that may be
relevant. <br>
<a moz-do-not-send="true"
href="http://computerworld.co.nz/news.nsf/security/mozilla-patches-firefox-4-fixes-programming-bungle"
target="_blank">http://computerworld.co.nz/news.nsf/security/mozilla-patches-firefox-4-fixes-programming-bungle</a><br>
<br>
Seems one of the fixes in FF 4.0.1 was
to deal with a MS issue with ASLR in
Vista and 7 that made them "making the
flaw as exploitable on those platforms
as it would be on Windows XP or other
platforms." <br>
<br>
Maybe when they fixed things in Vista
and 7, they broke cpatchas in XP? Just
speculation, but since many things funky
lead back to MS, this wouldn't surprise
me.<br>
<font color="#888888"> Mike Lehman</font>
<div>
<div><br>
<br>
On 4/29/2011 1:32 PM, Mike Lehman
wrote:
<blockquote type="cite"> Chris,<br>
More info. I tried a test post on
my other machine. Entered the
displayed captcha, hit Save and --
then it gave me an error message
and no longer displayed any
captcha. Now that I've seen it
twice, it was the same thing that
happened the first time a couple
of days ago, as I was trying a
test post then, too.<br>
<br>
You can sign in and out of your
account, everything's fine there,
but you never get the captchas
back so that it's possible to post
when not logged in.<br>
<br>
My guess now is that this is an
issue with Firefox. It's actually
Firefox 4.0.1 that I'm running on
both machines.<br>
Mike Lehman<br>
<br>
On 4/29/2011 11:05 AM, Chris Ritzo
wrote:
<blockquote type="cite">Thanks for
documenting your troubleshooting
Mike. I haven't had a chance to
look into this yet, and it
appears that the issue is
inconsistent. I've had good
results using the Mollom module
for captchas on other sites and
I'm thinking of just switching
the IMC site to that. It uses a
web service to do the captchas
and will also do textual
analysis on fields which is an
added layer of spam protection.<br>
<br>
Chris<br>
<br>
<div class="gmail_quote">On Fri,
Apr 29, 2011 at 10:29 AM, Mike
Lehman <span dir="ltr"><<a
moz-do-not-send="true"
href="mailto:rebelmike@earthlink.net"
target="_blank">rebelmike@earthlink.net</a>></span>
wrote:<br>
<blockquote
class="gmail_quote"
style="margin: 0pt 0pt 0pt
0.8ex; border-left: 1px
solid rgb(204, 204, 204);
padding-left: 1ex;"> After
some poking around...<br>
<br>
Still no captchas on my
usual machine, even after
several reboots. On my
laptop, captchas are there.
Both machines are running XP
SP3 and the latest version
of Firefox (4.0), so not
sure why they just went MIA
on the one.<br>
<br>
And the captchas seem to be
there for others, as we've
had some of the usual spam
and one legitimate post
since I first noticed the
problem.<br>
<br>
This seemed superficially
similar to the issue we've
had several times lately
where someone accidentally
turned captchas off. Chris
indicated that he'd reset
that the last time it
happened and remove it from
the editor's menu so it
couldn't happen again.
However, that doesn't seem
to be the case here, as I
can get captchas on my
alternate machine.<br>
<br>
I realize that this may just
be my problem, but wanted to
document it in case someone
else runs into the same
issue. I made no changes in
settings AFAIK before this
happened.<br>
Mike
<div>
<div><br>
<br>
On 4/27/2011 5:44 PM,
Mike Lehman wrote:<br>
</div>
</div>
<blockquote
class="gmail_quote"
style="margin: 0pt 0pt 0pt
0.8ex; border-left: 1px
solid rgb(204, 204, 204);
padding-left: 1ex;">
<div>
<div> Sometime today,
the captchas
disappeared from the
website.<br>
<br>
Mike Lehman<br>
_______________________________________________<br>
IMC-Tech mailing list<br>
<a
moz-do-not-send="true"
href="mailto:IMC-Tech@lists.chambana.net" target="_blank">IMC-Tech@lists.chambana.net</a><br>
<a
moz-do-not-send="true"
href="http://lists.chambana.net/mailman/listinfo/imc-tech"
target="_blank">http://lists.chambana.net/mailman/listinfo/imc-tech</a><br>
<br>
<br>
<br>
<br>
</div>
</div>
=======<br>
Email scanned by PC Tools
- No viruses or spyware
found.<br>
(Email Guard: 7.0.0.21,
Virus/Spyware Database:
6.17390)<br>
<a moz-do-not-send="true"
href="http://www.pctools.com/" target="_blank">http://www.pctools.com/</a><br>
=======<br>
<br>
</blockquote>
<div>
<div> <br>
<br>
_______________________________________________<br>
IMC-Tech mailing list<br>
<a
moz-do-not-send="true"
href="mailto:IMC-Tech@lists.chambana.net" target="_blank">IMC-Tech@lists.chambana.net</a><br>
<a
moz-do-not-send="true"
href="http://lists.chambana.net/mailman/listinfo/imc-tech"
target="_blank">http://lists.chambana.net/mailman/listinfo/imc-tech</a><br>
</div>
</div>
</blockquote>
</div>
<br>
<br>
<br>
<br>
<br>
<font face="Tahoma" size="2"><br>
=======<br>
Email scanned by PC Tools - No
viruses or spyware found.<br>
(Email Guard: 7.0.0.21,
Virus/Spyware Database:
6.17410)<br>
<a moz-do-not-send="true"
href="http://www.pctools.com/?cclick=EmailFooterClean_51"
target="_blank">http://www.pctools.com</a><br>
=======</font>
<pre><fieldset></fieldset>
_______________________________________________
IMC-Tech mailing list
<a moz-do-not-send="true" href="mailto:IMC-Tech@lists.chambana.net" target="_blank">IMC-Tech@lists.chambana.net</a>
<a moz-do-not-send="true" href="http://lists.chambana.net/mailman/listinfo/imc-tech" target="_blank">http://lists.chambana.net/mailman/listinfo/imc-tech</a>
=======
Email scanned by PC Tools - No viruses or spyware found.
(Email Guard: 7.0.0.21, Virus/Spyware Database: 6.17410)
<a moz-do-not-send="true" href="http://www.pctools.com/" target="_blank">http://www.pctools.com/</a>
=======
</pre>
</blockquote>
<br>
<br>
<br>
<br>
<br>
<font face="Tahoma" size="2"><br>
=======<br>
Email scanned by PC Tools - No
viruses or spyware found.<br>
(Email Guard: 7.0.0.21,
Virus/Spyware Database: 6.17410)<br>
<a moz-do-not-send="true"
href="http://www.pctools.com/?cclick=EmailFooterClean_51"
target="_blank">http://www.pctools.com</a><br>
=======</font>
<pre><fieldset></fieldset>
_______________________________________________
IMC-Tech mailing list
<a moz-do-not-send="true" href="mailto:IMC-Tech@lists.chambana.net" target="_blank">IMC-Tech@lists.chambana.net</a>
<a moz-do-not-send="true" href="http://lists.chambana.net/mailman/listinfo/imc-tech" target="_blank">http://lists.chambana.net/mailman/listinfo/imc-tech</a>
=======
Email scanned by PC Tools - No viruses or spyware found.
(Email Guard: 7.0.0.21, Virus/Spyware Database: 6.17410)
<a moz-do-not-send="true" href="http://www.pctools.com/" target="_blank">http://www.pctools.com/</a>
=======
</pre>
</blockquote>
<br>
</div>
</div>
</div>
<br>
_______________________________________________<br>
IMC-Tech mailing list<br>
<a moz-do-not-send="true"
href="mailto:IMC-Tech@lists.chambana.net"
target="_blank">IMC-Tech@lists.chambana.net</a><br>
<a moz-do-not-send="true"
href="http://lists.chambana.net/mailman/listinfo/imc-tech"
target="_blank">http://lists.chambana.net/mailman/listinfo/imc-tech</a><br>
<br>
</blockquote>
</div>
<br>
<br>
<br>
<br>
<br>
<font face="Tahoma" size="2"><br>
=======<br>
Email scanned by PC Tools - No viruses or
spyware found.<br>
(Email Guard: 7.0.0.21, Virus/Spyware
Database: 6.17410)<br>
<a moz-do-not-send="true"
href="http://www.pctools.com/?cclick=EmailFooterClean_51"
target="_blank">http://www.pctools.com</a><br>
=======</font> </blockquote>
<br>
</div>
</div>
</div>
<br>
_______________________________________________<br>
IMC-Tech mailing list<br>
<a moz-do-not-send="true"
href="mailto:IMC-Tech@lists.chambana.net"
target="_blank">IMC-Tech@lists.chambana.net</a><br>
<a moz-do-not-send="true"
href="http://lists.chambana.net/mailman/listinfo/imc-tech"
target="_blank">http://lists.chambana.net/mailman/listinfo/imc-tech</a><br>
<br>
</blockquote>
</div>
<br>
</div>
</div>
</blockquote>
</div>
<br>
<br>
<br>
<br>
<br>
<font face="Tahoma" size="2"><br>
=======<br>
Email scanned by PC Tools - No viruses or spyware found.<br>
(Email Guard: 7.0.0.21, Virus/Spyware Database: 6.17410)<br>
<a moz-do-not-send="true"
href="http://www.pctools.com/?cclick=EmailFooterClean_51">http://www.pctools.com</a><br>
=======</font>
<pre wrap="">
<fieldset class="mimeAttachmentHeader"></fieldset>
_______________________________________________
IMC-Tech mailing list
<a class="moz-txt-link-abbreviated" href="mailto:IMC-Tech@lists.chambana.net">IMC-Tech@lists.chambana.net</a>
<a class="moz-txt-link-freetext" href="http://lists.chambana.net/mailman/listinfo/imc-tech">http://lists.chambana.net/mailman/listinfo/imc-tech</a>
=======
Email scanned by PC Tools - No viruses or spyware found.
(Email Guard: 7.0.0.21, Virus/Spyware Database: 6.17410)
<a class="moz-txt-link-freetext" href="http://www.pctools.com/">http://www.pctools.com/</a>
=======
</pre>
</blockquote>
<br>
</body>
</html>