[rt-users] Spam users

Benji Wakely benji.wakely at gmail.com
Wed Dec 15 19:50:17 EST 2004


Hi all.

I wanted to check that this would be basically sound practice...

We have a small use RT system, and it's getting a lot of spam,
and we'd like manual control over the users that can view the tickets
inside the system for other reasons anyway.

I could set up spamassassin/spambayes, but I thought to kill two birds
with one stone, and only allow pre-approved users access and
create-ticket rights.

Would the simplest way to do this be to deny 'everyone' all rights,
make one or more groups that have the basic rights (create ticket,
seequeue etc), and assign users that we want in the system to the new
groups?

Will this stop 'spam' and other unauthorised users creating accounts
on the system automatically when they try (and fail) to create a
ticket?

http://wiki.bestpractical.com/index.cgi?ManualAdministration
mentions that whenever anyone mails RT, it creates an account for them.
Basically, what I'm after is the ability to either stop that happening, 
make it reliant on my approval,
or a reason why this isn't a good approach.

Apologies for the basic nature of the question.  I could not find the
right answers on the wiki or in the mailing list archives.  Must be a
braino day.

--Benji



More information about the rt-users mailing list