Throwing Rob's cc on this.

Rob, can you take a peek and see which blacklist is blocking here? May be a legit problem or might be a bad entry we should report upstream.

Also blocked from 218.163.* as noted in http://article.gmane.org/gmane.science.linguistics.wikipedia.technical/44346

I changed some settings, please try to post comments again and if it still does not work, reply to this ticket to reopen it.

No improvement. IP: 125.230.*.*, 218.163.*.*

I mean all I know is today I tried it from this group of addresses:

inetnum: 125.224.0.0 - 125.231.255.255
netname: HINET-NET
country: TW
descr: CHTD, Chunghwa Telecom Co.,Ltd.
descr: Data-Bldg.6F, No.21, Sec.21, Hsin-Yi Rd.
descr: Taipei Taiwan 100

and I have no control of what group is assigned each time I connect my modem.

Therefore please make sure all HINET-NET owned addresses are unblocked. Thank you.

I honestly do not see why it is blocking this, but I will have to follow up and try to figure out why. Unfortunately, not being able to comment on the blog is a bit lower on the priority list than most site requests, but I am working on it as well!

Are there still issues in posting these comments? The various items I see should NOT be stopping them from posting.

Please advise, as soon as a reply is sent from you it will reopen this ticket and show up on my list of items.

Thanks in advance!

Yeah well I tried posting a comment to
http://techblog.wikimedia.org/2010/03/the-change-in-interface-is-coming/#comments and got "Your location has been identified as part of a reported spam network. Comments have been disabled to prevent spam." today from 218.163.4.60 so you need to do more homework. I didn't login this time as there is no login button.
I just filled in name, email, and wehsite fields and comment content and hit the submit button.

It appears[0] to be marked by The Spamhaus Project and Sorbs DUL, One of our spam filters probably links into one of those or another system that does.

[0]. http://www.dnsqueries.com/en/check_banned_ip.php

In the mean time try registering[0] a account on the blog then logging-in[1] before commenting and see that works (Both links can be found on the right hand side menu in "Meta".

[0]. https://techblog.wikimedia.org/wp-login.php?action=register
[1]. https://techblog.wikimedia.org/wp-login.php

OK, I logged in and submitted a comment again. Same block message.
Yes http://www.dnsqueries.com/en/check_banned_ip.php shows the same dynamic IP range etc. for 218.163.8.76 which I am using today as you can see too.

Is there some measure of the effectiveness or usefulness of these blacklists?

The blacklists are indeed linked from The Spamhaus Project and Sorbs DUL, and I am not entirely pleased with the idea of removing them.

If this was the corporate blog, then it has a team of volunteers to review it often and patrol comments and the like. The tech blog has no such team, so removing the spam blacklists seems like asking for trouble.

Since this seems to only affect one user, it seems unfortunate but acceptable ONLY ON COMMENTING ON BLOGS. If this was a case where the actual projects were not editable, there are larger and harsher repercussions for this sort of thing.

I will put the question forth to my fellow techs at our Ops meeting, but for now this is staying in place. (Will update it with details after meeting.)

Re: WONTFIX.
I.e., Tough luck.
Even though you can register an account,
and then type in your well thought response,
it will just end up in the dumpster,
because your comments are not welcome,
because you are only one user,
so you can send your comments elsewhere.

If that is the way you chose to summarize the above, you can certainly feel free to, though that is not the intent.

If we remove things from use of the blacklisting service, we have to instead setup infrastructure to ensure that blog comments posting are still relevant, and remain largely spam-free.

As I stated above, I will put forth the issue to my fellow tech folks and see if they can present a better option, other than de-opting out of the blacklist service without an alternative means of filtering and reviewing comments.

If you feel that you are being unheard, you have my apologies, but I won't open up zero content filtering to allow one person the ability to post on a blog comment, when doing so has the real possibility of overwhelming all blog comments with huge amounts of spam.

Have any steps been taken by you with the blacklisting agencies? (I ask because if I were to inquire with them, a pending case is a much easier reference than a new one.)

All I know is the sequence in my mailbox looked like
"we will meet"
"result is WONTFIX"

Anyway thank you for your concern.

Perhaps adjust the error message to give the user an address to send
his comment to if he feels what he wrote was not spam.

Or adjust the software not to give "bait and switch" comment
invitations if the result will surely be "sorry".

Re: Blacklisting agencies. No, thank goodness.

I want to post
"I say upon installation make sure they click that they know about the announcements mailing list. Much better than installing time bomb or click triggered wakeups and calling home junk."
to http://techblog.wikimedia.org/2010/07/mediawiki-version-statistics/
comments. Please post it for me. Believe me, I tried.

Rob, maybe you can whitelist jidanni user? That seems a good compromise.

Perhaps find someone willing to moderate the comments, the blog isn't posted to much and I'm sure if we/you guys looked I'm sure we can find someone willing like myself or one of the pre-existing mailing list admins.

That dnsqueries.com site does not show that Jidanni is blocked. It only shows that he is included in SORBS DUL and Spamhaus PBL (Zen includes PBL), both of which attempt to list all customer-assigned dynamic IP addresses. They do not track any kind of abuse, they're only intended to force people to use their ISP's SMTP server to forward mail instead of sending it themselves.

The error message that Jidanni reports is in fact the message it gives when the content filter is hit. If it were an open proxy filter, the message would be different. I suggest trying a different username or homepage URL.

(In reply to comment #21)

I suggest trying a different username or homepage URL.

I tried

Name: Dan Jacobson
Email: jidanni@gmail.com
Website: [none]

But nonetheless,

"Your location has been identified as part of a reported spam network.
Comments have been disabled to prevent spam."

Then I tried "Phil" at "efg@gmail.com".

Still

"Your location has been identified as part of a reported spam network.
Comments have been disabled to prevent spam."

Today I am using 218.163.2.22

On the the Ma Bell of Taiwan.

Deny it and you block 95% of Taiwan people.

But you don't block them from editing Wikipedia.

My friend runs a WordPress blog just like yours.
As you see http://pinyin.info/news/2010/chinese-characters-like-wow/comment-page-1/#comment-602144 my comments just sail right through.

And in http://techblog.wikimedia.org/2010/07/mediawiki-version-statistics/ you guys are discussing if you should be like WordPress. But you haven't mastered this aspect of WordPress -- not disfranchising the little guy with no workaround,

And for content, this time I used
"Test post for bug#19540".
just in case you were wondering.

It seems most likely that the "content filter" in question is actually a check for a browser-like User-Agent header. I've enabled logging in the WP-SpamFree module. Please try posting again, without changing your User-Agent header, so that I can confirm this.

Here's what my browser sent:

POST /wp-comments-post.php HTTP/1.1
Host: techblog.wikimedia.org
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.2.4) Gecko/20100628 Iceweasel/3.6.4 (like Firefox/3.6.4)
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate
Accept-Charset: UTF-8,*
Keep-Alive: 115
Connection: keep-alive
Referer: http://techblog.wikimedia.org/2010/07/mediawiki-version-statistics/
Cookie: vfDpsfoemAmtllix=oyBdFdtuDfcacaic; SJECT=CKON
Content-Type: application/x-www-form-urlencoded
Content-Length: 134

author=jidanni&email=jidanni%40jidanni.org&url=&comment=test+post+for+Bug+19540&comment_post_ID=970&comment_parent=0&refJS=&formInput=

It logged HAL1001, which means that the Accept-Language header was missing.

I've disabled WP-SpamFree now.

OK, now there is no more snide message. But where did my test comment go? At least have a popup saying what happened to it.

I.e., now things are worse. It still eats my comment into its black hole, but now there isn't even an error message.

Can you get on IRC to discuss this?

(The incident was solved peacefully as Tim made Me an Editor.)