Gentoo Archives: gentoo-dev

From: Brian Dolbec <dolsen@g.o>
To: gentoo-dev@l.g.o
Subject: Re: [gentoo-dev] [RFC] Anti-spam for goose
Date: Fri, 22 May 2020 19:53:09
Message-Id: 20200522125303.496d111e@storm
In Reply to: Re: [gentoo-dev] [RFC] Anti-spam for goose by Kent Fredric
On Sat, 23 May 2020 07:20:22 +1200
Kent Fredric <kentnl@g.o> wrote:

> On Thu, 21 May 2020 10:47:07 +0200 > Michał Górny <mgorny@g.o> wrote: > > > Other ideas > > =========== > > Do you have any other ideas on how we could resolve this? > > And a question I'd like to revisit, because nobody responded to it: > > - What are the incentives a would-be spammer has to spam this service. > > Services that see spam *typically* have a definable objective. > > *Typically* it revolves around the ability to submit /arbitrary text/, > which allows them to hawk something, and this becomes a profit motive. > > If we implement data validation so that there's no way for them to > profit off what they spam, seems likely they'll be less motivated to > develop the necessary circumvention tools. ( as in, we shouldn't > accept arbitrary CAT/PN pairs as being valid until something can > confirm those pairs exist in reality ) > > There may be people trying to jack the data up, but ... it seems a > less worthy target. > > So it seems the largest risk isn't so much "spam", but "denial of > service", or "data pollution". > > Of course, we should still mitigate, but /how/ we mitigate seems to > pivot around this somewhat.
We cannot exclude overlays which will have cat/pkg not in the main gentoo repo. So, we should not excludea submission that includes a few of these. They would just become irrelevant outliers to our processesing of the data. In fact some of these outlier pkgs could be relevant to our including that pkg into the main repo. But, like you I agree that purely spam submissions would be few, if any.

Replies

Subject Author
Re: [gentoo-dev] [RFC] Anti-spam for goose John Helmert III <jchelmert3@××××××.net>
Re: [gentoo-dev] [RFC] Anti-spam for goose Kent Fredric <kentnl@g.o>