J
joep
Is there a way to ban spammers from pypi?
L
Lawrence D'Oliveiro
In message
Yes, but it doesn't work.
joep said:
Yes, but it doesn't work.
S
Skip Montanaro
Can you provide some examples? It's possible that we can apply
SpamBayes
to PyPI submissions in much the same way that we apply it in other non-
areas.
Thx,
Skip Montanaro
R
Robert Kern
I suspect he might talking about all of the "1.0.1" releases of projects on June
5th from "v y p e r l o g i x . c o m" or "p y p i . i n f o" (obfuscated to
avoid helping them out). Most of them appear to be removed, now. These
chuckleheads even have a blog post complaining about it. I can collect a list
from my Cheeseshop RSS history if you like.
I don't think a SpamBayes approach will work for this particular guy. It's not
like completely fake metadata was uploaded with links to spam sites. There
actually is Python code for some of them. Maybe even some that is marginally
useful. But only marginally (Linked Lists for Python? Really?). All of the code
appears to use their proprietary, unreleased package.
--
Robert Kern
"I have come to believe that the whole world is an enigma, a harmless enigma
that is made terrible by our own mad attempt to interpret it as though it had
an underlying truth."
-- Umberto Eco
J
Jesse Noller
None of the code was useful, and I swear it all seemed like one giant
ruse to bump google rankings for his pay-for-play sites and downloads.
It was all just series of URLs back linking to his crap-sites.
R
Robert Kern
Come now! I'm sure pyLotto has some measurable (but tiny!) amount of expected
value to it.
The main point is that the code isn't gibberish. It might even do what it claims
to do if one had the dependencies. Only a human examining it could determine
that the code was actually useless and part of a spam-like campaign.
--
Robert Kern
"I have come to believe that the whole world is an enigma, a harmless enigma
that is made terrible by our own mad attempt to interpret it as though it had
an underlying truth."
-- Umberto Eco
S
skip
Robert> I don't think a SpamBayes approach will work for this particular
Robert> guy. It's not like completely fake metadata was uploaded with
Robert> links to spam sites. There actually is Python code for some of
Robert> them. Maybe even some that is marginally useful. But only
Robert> marginally (Linked Lists for Python? Really?). All of the code
Robert> appears to use their proprietary, unreleased package.
You might be surprised how well SpamBayes could single out this guy's stuff
as spam. In his form submission he has to provide some references to his
site. Those URLs (or at least fragments of them like domain names) or
product references (seems everything has "vyper" in it) would probably
become very spammy clues.
I'll contact the PyPI software folks. I've used SpamBayes for similar sorts
of things (like RoundUp). Somebody even built a SpamBayes for YouTube
browser extension:
http://userscripts.org/scripts/show/13839
Skip
Robert> guy. It's not like completely fake metadata was uploaded with
Robert> links to spam sites. There actually is Python code for some of
Robert> them. Maybe even some that is marginally useful. But only
Robert> marginally (Linked Lists for Python? Really?). All of the code
Robert> appears to use their proprietary, unreleased package.
You might be surprised how well SpamBayes could single out this guy's stuff
as spam. In his form submission he has to provide some references to his
site. Those URLs (or at least fragments of them like domain names) or
product references (seems everything has "vyper" in it) would probably
become very spammy clues.
I'll contact the PyPI software folks. I've used SpamBayes for similar sorts
of things (like RoundUp). Somebody even built a SpamBayes for YouTube
browser extension:
http://userscripts.org/scripts/show/13839
Skip