POLL, please comment if you have an opinon:
Codeberg.org is being spammed by users using one-time/disposable email services and TOR connections. These spam projects with thousands of bogus issue comments, cause pain for project owners, and spam their notification email inbox. Also, Codeberg's SMTP reputation is harmed.
We consider disabling access via TOR and one-time email providers to maintain smooth operation for all users.
What do you think? Is there a better approach?
Please have your say.
@codeberg If they use the same disposable mail address multiple times, maybe restricting such addresses to be used no more than once (or twice) per day (in the hope "creating new ones" is an effort they won't make too often)? Or do that with the combination of the address and TOR? IDK, but disabling both completely might harm other "legit uses". And no, I won't mention Captchas (unless you count "hidden input fields" which, when filled, tell you it's a bot).
A quick hack that we once employed, is to put a delay in delivering mail (to certain domains).
We mostly did that to spread the load,though. But it helped a lot when bots had to wait 1 to 20 hours before receiving the confirmation emails. Needs to be clearly communicated, though.
chaos.social – a Fediverse instance for & by the Chaos community