Spam control is misconfigured and rejects all anonymous bug reports

[follower]

It appears that if an attempt is made to submit a new ticket without logging in the following error is thrown:

Trac Error

Submission rejected as potential spam (BlogSpam says content is spam (badip:state/blacklist.d/127.0.0.1))

According to IRC and searches this problem has been occurring for quite a while.

This is a particularly bad problem as it discourages new people from submitting bug reports. (As demonstrated by reading mailing list posts.)

Depending on the browser it potentially leads to data-loss of the report also.

It seems like the actual remote IP of the creator isn't being passed on to the BlogSpam functionality correctly so localhost (127.0.0.1) is being used instead.

If this configuration can not be fixed then IMO Trac should be configured to require log in before submission of new tickets.

[Aymeric Augustin]

This problem does not affect all anonymous bug reports. I just created and closed #15882 after logging out.

I'll classify the ticket as "optimization" since it affects some users, but not all.

[Aymeric Augustin]

Change UI/UX from NULL to False.

[Aymeric Augustin]

Since I now have more permissions, I could investigate the problem.

First, the configuration problem mentioned by the OP no longer exists. It's probably been fixed independently.

Furthermore, I have tweaked the spam settings to be more permissive with anonymous submissions. For obvious reasons I won't discuss the specifics in public -- please contact me in private if necessary.

Trac keeps one week of history for the spam filter. If you encounter the problem again, please notify use quickly so we can investigate before the logs are purged.