By using a user account, a spammer can make the robots parse the email addresses of the users. Because the process which grabs the email addresses and the process which sends the spam can be separated, nobody would know from who it comes. The Bugzilla-4.x upgrade is a good point and it still can't block the spammer. Note that this bug is not a duplicate from bug #249123 Reproducible: Always
We could setup recaptcha for the registration of new accounts but we're not going to hide all mail addresses for *all* users.
(In reply to comment #1) > We could setup recaptcha for the registration of new accounts but we're not > going to hide all mail addresses for *all* users. A recaptcha setup will not detect the human users which query bugzilla in order to feed their spam robot.
This should go into the See Also field, but I cannot do it myself: https://bugzilla.mozilla.org/show_bug.cgi?id=218917 This is the upstream bug.
(In reply to comment #2) sorry, but this is just crazy. as soon as you have any human doing something, then the result really doesnt matter. you're proposing making bugzilla a lot less useful to people for the sake of theoretical spam harvesting. if you dont like the way this bugzilla is run, then delete your account.