In order to prevent spam bots (that could do more harm than empty editions), we should prevent new users to do more than 1 edition/minute. I propose less than 200 edits (which gives us at least 3h 20' to detect them before they can be unleashed). Justin, Luke, what do you think?
+1, I like this plan. Any user who does comes along and immediately starts to make a lot of positive changes could always talk to us on dev-mdc about having the restriction lifted form their account. It is easy to tell if they are legit or not. Plus any account that tries to make multiple edits per minute could be immediately flagged as suspicious activity, and we could be given a choice of ban user, ban IP, or remove restriction (genuine contributor).
It's a decent feature, but also a bit complicated to enforce. IMO blocking the bots at the registration step (bug 1119532) would be more effective and efficient use of time right now. I'm currently working on the ban-by-IP (bug 1113260)
The django-banish library I'm using for bug 1113260 has a default 75 requests-per-minute throttle, which includes all requests: GETs and POSTs. Does that sound right?
I'm not sure exactly what you mean. This doesn't sound like the same thing to me.
Yeah, sorry it's not the same thing. I'll ask in the other bug.
We have decided to wontfix this during the triage meeting; other spam throttling will reach similar goals.