WordPress.org

Making WordPress.org

Opened 8 months ago

Last modified 8 months ago

#5534 new defect

Add limits to prevent high-triggering notifications

Reported by: dd32 Owned by:
Milestone: Priority: high
Component: General Keywords:
Cc:

Description

Currently WordPress.org notifications accept whatever is given to it, but that can cause notifications which trigger on most support threads.

For example, there's a user with a matcher for 'WordPress', and two for other common terms such as 'Help', 'Login', 'Music', 'Google', '404', etc.

In addition to those, it's also not uncommon for spam accounts (and pentesters alike) to inject spam notifications whilst looking for forms on WordPress.org that will accept their input.

The ultimate result of these is that WordPress.org sends far more emails than it should, which causes processing delays on every new support reply, and causes more people to mark WordPress.org emails as spam / unsolicited which affects our ability for legitimate emails to be received.

There's two options I can think of to help out here:

  1. Require an email confirmation before enabling a notification
  2. Disable notifications which trigger too often, ie. If it exceeds 10 per day, disable it.

Change History (1)

#1 @dd32
8 months ago

Additionally, notifications should be disabled/deleted if a user is marked as banned/spammed.

Note: See TracTickets for help on using tickets.