Forum OpenACS Q&A: Forums package has huge spam issue

Collapse
1: Forums package has huge spam issue
Posted by Jade Rubick on 10/01/06 04:40 AM
It looks like you can easily send mail to anyone through the forums package via the email forward feature.

Any way to restrict this only to registered users?

I think this should be the default.

Jade

Collapse
2: Re: Forums package has huge spam issue (response to 1)
Posted by Jade Rubick on 10/01/06 06:32 AM
Easily remedied:

Can someone apply this?

[safe4all-staging@safe4all www]$ tla file-diff message-email.tcl
--- orig/packages/forums/www/message-email.tcl
+++ mod/packages/forums/www/message-email.tcl
@@ -12,6 +12,9 @@

forum::security::require_read_message -message_id $message_id

+# Require a login. Otherwise, people can use this for spamming
+auth::require_login
+
# Get the message information
forum::message::get -message_id $message_id -array message
set message(tree_level) 0