Testing spam blacklist prior to abuse filters
Closed, DuplicatePublic
Actions

Assigned To

None

Authored By

	Billinghurst
	Sep 9 2013, 12:14 PM

Description

At this moment, we are getting spambots that are spamming blacklisted domain names, however, they are hitting the AbuseFilters first. This means that we are getting a lot of abuse reports to wade through (sloooooow process) only to find that domain is blacklisted and there is no need to further manage the domain.

I am wondering whether it is possible to run the checks against the global spam blacklist prior to running the abuse filter checks.

I understand that this will mean that I may miss seeing that an account is spamming a blacklisted url, however, I can live with that. Spambots do not tend to offer more than the one spam url.

Version: wmf-deployment
Severity: normal

Details

Reference: bz53939

Event Timeline

• bzimport raised the priority of this task from to Medium.Nov 22 2014, 2:02 AM

• bzimport added a project: WMF-General-or-Unknown.

• bzimport set Reference to bz53939.

• bzimport added a subscriber: Unknown Object (MLST).

Billinghurst created this task.Sep 9 2013, 12:14 PM

According to https://www.mediawiki.org/wiki/Manual:Hooks, the order hooks are called depends on when they are loaded.

Looking at CommonSettings.php, first the SpamBlacklist is loaded, then AbuseFilter.

Both AF and SB use the APIEditBeforeSave and EditFilterMergedContent hooks, so I'm not sure why the SpamBlacklist isn't stopping these first.

/me shrugs

bit.ly is blacklisted

https://meta.wikimedia.org/wiki/Special:AbuseFilter/examine/log/23182

(In reply to comment #1)

Looking at CommonSettings.php, first the SpamBlacklist is loaded, then
AbuseFilter.

So the question would be whether the order can be switched without bad side effects?

(In reply to comment #3)

(In reply to comment #1)

Looking at CommonSettings.php, first the SpamBlacklist is loaded, then
AbuseFilter.

So the question would be whether the order can be switched without bad side
effects?

Er, it's already in the correct order I believe. If SB is loaded first, it should register its hook first, which means it should get called first.

This is still occurring, twice today. Here is one

https://meta.wikimedia.org/wiki/Special:AbuseFilter/examine/log/29897

welovesbobet.net is caught by blacklists: [global] \bwelovesbobet\.net\b

and not showing (In reply to billinghurst from comment #5)

This is still occurring, twice today. Here is one

https://meta.wikimedia.org/wiki/Special:AbuseFilter/examine/log/29897

welovesbobet.net is caught by blacklists: [global] \bwelovesbobet\.net\b

and not showing in the spam blacklist log

https://meta.wikimedia.org/w/index.php?title=Special%3ALog&type=spamblacklist&user=&page=&year=&month=-1&tagfilter=&hide_patrol_log=1&hide_review_log=1&hide_thanks_log=1

Legoktm added a project: Stewards-and-global-tools.Oct 27 2015, 4:58 PM

Restricted Application added a subscriber: Aklapper. · View Herald TranscriptOct 27 2015, 4:58 PM

MarcoAurelio removed a subscriber: • wikibugs-l-list.Apr 18 2016, 9:18 AM

Restricted Application added a subscriber: JEumerus. · View Herald TranscriptApr 18 2016, 9:18 AM

MarcoAurelio removed a parent task: T43492: [DO NOT USE] Steward, global sysop and SWMT tasks bugs (tracking) [superseded by #Stewards-and-global-tools].Jan 11 2017, 11:39 PM

Matanya moved this task from Untriaged to Low priority on the Stewards-and-global-tools board.Apr 19 2017, 8:18 PM

Bugreporter closed this task as a duplicate of T211680: Make SpamBlacklist clearly act prior to AbuseFilter on WMF operational wikis.Aug 3 2019, 3:09 PM