Last modified: 2013-11-25 16:52:19 UTC
Pretty much every open wiki will get attacked by spam, so arguably the default setup should contain antispam measures. One of the arguments against fixing bug 42594 (i.e. applying dofollow to external links by default) is that the default configuration provides no spam protection. The problem is, some wikis, e.g. those on corporate intranets, will not be exposed to spam, so they don't need spam protection; it would just get in the way. But we want to keep the installer options as simple as possible, and adding questions about spam protection would complicate it. So what can we do? Should we include spam protection by default, and let those who don't need it disable it? If so, what should be the default spam protection? Personally, I've found Asirra takes care of most of my spam problem. I don't know how much protection AntiBot, SimpleAntiSpam, SpamBlacklist, etc. provide; I've tended to install whatever Wikipedia has installed, and still found that I got spam unless I used Asirra.
Spam solutions must be customized for every sites according a set of factors. Everybody has its own conclusions and methods. For example, I got good results with Akismet. This seems a vain bug report if the goal is to try to standardize spam protection into the core. And you pointed very well the fact intranets don't need it. Different people has also different expectations: my goal when I set a wiki is to allow easier edits as possible, not to create « parcours du combattant » with captcha everywhere, other wikis doesn't want easy edit, they only want bullet-proof anti spam. I so offer to close this bug as RESOLVED WONTFIX, as this is not a shared priority by every MediaWiki users, and as specific bugs to enable by default a feature of the core could be opened in the future.
(In reply to comment #1) > I so offer to close this bug as RESOLVED WONTFIX, as this is not a shared > priority by every MediaWiki users, and as specific bugs to enable by default > a > feature of the core could be opened in the future. How about making this a tracking bug?
I don't know if the rest of the community wants to avoid putting more antispam protection in the default configuration. But if they do, and they also oppose changing the default setting of $wgNoFollowLinks until there is more antispam protection in the default config (e.g. Hershberger writes "I'd like to get the default setup addressed before we start to play with nofollow"), then that means there is no way the default setting of $wgNoFollowLinks would ever be changed. In other words, WONTFIX on this (as a proposal, not as a particular bug) would mean WONTFIX on bug 42594 too.
Or I should say, it would mean WONTFIX on bug 42594 unless we come up with some creative alternative to the boolean alternatives originally proposed.
We don't WONTFIX bugs that simply depend on something else being implemented. We simply leave them open and potentially add a blocking bug to them. Also a bit personal. But I find the combination of "We shouldn't be adding anti-spam to MediaWiki defaults" and "Using $wgNoFollowLinks deflects some spam, it should be true by default" that seems to be a general sentiment to be pretty illogical and somewhat hypocritical.
