With the Patch 3 (May 20) update to Tigris (and in some cases, some other, recent upgrades), we introduced several new features to Tigris mail-list management, including posting control and CAPTCHA.
With Posting Control, the mail list administrator can control who is allowed to post to the list. With the Patch 3 changes, this includes separate controls for posts coming via email and posts coming via web. So, for example, the commits@ and issues@ lists in your projects receive internally generated postings (neither web nor email), so you might choose to block posting to them from either source. Then, set the reply-to for these lists to your dev@ list, and you’ve automatically directed all discussion into the light of day.
You know what CAPTCHA is, even if you don’t know you know: it’s those hard-to-read little “type in this word” things that are springing up all over the web. A CAPTCHA guarding the web posting page helps to protect the list against robots and spam: hopefully, they won’t be able to read the image and enter the text.
As embodied in Tigris, CAPTCHA allows the list owner to choose among a range of options:
- By default, CAPTCHA is required for web posts made by people who aren’t logged in (so-called “anonymous” web posts). This is the lowest level of security available, but it covers all the cases we’ve recently experienced.
- If a higher degree of security is wanted, the list admin can require CAPTCHA for all web posts.
With posting control and CAPTCHA, you should be able to become virtually spam-free.