Add simple anti-spam recipe to docs

Richard Jones · Richard Jones · commit d4324c501666 · 2007-03-25T23:18:25.000Z
diff --git a/CHANGES.txt b/CHANGES.txt
@@ -5,6 +5,8 @@ are given with the most recent entry first.
 Feature:
 - Dates can now be in the year-range 1-9999 except for metakit which is
   still limited to 1970-2038.
+- Add simple anti-spam recipe to docs
+
 Fixed:
 - Handling of unset Link search in RDBMS backend
 - Journal import/export for metakit backend
diff --git a/doc/customizing.txt b/doc/customizing.txt
@@ -2,7 +2,7 @@
 Customising Roundup
 ===================
 
-:Version: $Revision: 1.217 $
+:Version: $Revision: 1.218 $
 
 .. This document borrows from the ZopeBook section on ZPT. The original is at:
    http://www.zope.org/Documentation/Books/ZopeBook/current/ZPT.stx
@@ -3834,6 +3834,37 @@ So you could reimplement this as something like::
 Changes to Tracker Behaviour
 ----------------------------
 
+Preventing SPAM
+~~~~~~~~~~~~~~~
+
+The following detector code may be installed in your tracker's
+``detectors`` directory. It will block any messages being created that
+have HTML attachments (a very common vector for spam and phishing)
+and any messages that have more than 2 HTTP URLs in them. Just copy
+the following into ``detectors/anti_spam.py`` in your tracker::
+
+    from roundup.exceptions import Reject
+
+    def reject_html(db, cl, nodeid, newvalues):
+        if newvalues['type'] == 'text/html':
+        raise Reject, 'not allowed'
+
+    def reject_manylinks(db, cl, nodeid, newvalues):
+        content = newvalues['content']
+        if content.count('http://') > 2:
+        raise Reject, 'not allowed'
+
+    def init(db):
+        db.file.audit('create', reject_html)
+        db.msg.audit('create', reject_manylinks)
+
+You may also wish to block image attachments if your tracker does not
+need that ability::
+
+    if newvalues['type'].startswith('image/'):
+        raise Reject, 'not allowed'
+
+
 Stop "nosy" messages going to people on vacation
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
diff --git a/doc/installation.txt b/doc/installation.txt
@@ -2,7 +2,7 @@
 Installing Roundup
 ==================
 
-:Version: $Revision: 1.124 $
+:Version: $Revision: 1.125 $
 
 .. contents::
    :depth: 2
@@ -788,6 +788,15 @@ Korean encodings the you'll need to obtain CJKCodecs from
 http://cjkpython.berlios.de/
 
 
+Public Tracker Considerations
+-----------------------------
+
+If you run a public tracker, you will eventually have to think about
+dealing with spam entered through both the web and mail interfaces.
+
+The `customisation documentation`_ has a simple detector that will block
+a lot of spam attempts. Look for the example "Preventing SPAM".
+
 
 Maintenance
 ===========
