Bugzilla – SPAM fighting with the help of the Mollom Service

By | May 12, 2016

Over the lasspamt couple of days we saw a big increase in SPAM bugs and SPAM comments in a Bugzilla installation. After the initial rush to stop that influx and clean up the mess, I took some time to look around and try to find some help to fight that issue at the source. Basically trying to filter/reject those bugs/comments right at the submission. Unfortunately, I did not really find muchย  ๐Ÿ™

The next step was to look at the sources (thanks for Open Source Software ๐Ÿ˜‰ and see how hard it would be to to add a classification setup on my own. Bugzilla has a nice setup for hooks, but unfortunately there were none that fit my purpose. So I decided to add my code right into the normal sources. It turned out, that the majority of the additions were limited to two spots in one file, after the normal validations for the bug creation and the comment addition. I made some more changes related to configuration of the new service and to the error handling/text. But overall, it was quite easy and quick ๐Ÿ˜‰ Thanks to another piece of Open Source Software: the CPAN Net::Mollom module.

The bz_4.4.11.patch was done against Bugzilla 4.4.11 and the resulting installation was tested locally with some simple messages and a free Mollom account. It seems to work as expected, but I don’t yet claim a real-world deployment. That would probably cost some money depending on how large the installation would be.

An additional Net-Mollom.patch to the Net::Mollom sources allows it to use the proxy configuration from Bugzilla. I thought, this would make things easier if the installation would need a proxy to reach the Mollom servers.

This whole exercise was just an attempt to see how much effort would be needed to implement a service-based SPAM classification for Bugzilla. This blog uses Akismet to classify comments and I believe my code could easily be adopted for that or even any other service. The most important part was to find the right spots where all the information is easily available before anything is committed to the DB. I think, I found pretty good spots ๐Ÿ˜‰

As always, have fun expanding you horizon ๐Ÿ˜‰

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.