Fighting Spam..Thoughts?

Discussion in 'Site Announcements' started by ryanvade, Dec 9, 2013.

  1. ryanvade

    ryanvade Administrator Staff Member Staff Writer

    Messages:
    1,273
    Likes Received:
    431
    Trophy Points:
    83
    Okay, the spam on the forums and groups is getting ridiculous. I spend more time fighting the spam then actually helping users.

    I have a few proposed anti-spam forum addons that I think should be used and I want to know what the community thinks.

    1. Integration with Stop Forum Spam .com which is a list of known spammers IP, email, and usernames. When someone creates an account on the forums, their information is checked with the list. If they are a known spammer, either the forum can stop them from creating an account or an Admin is notified.
    http://www.stopforumspam.com/

    2. Only long-time members can make groups. Simple enough.

    3. Longer "new user" status. From what I have seen, the spammers are getting around the new-user status by posting a non-spam post; then they spam.

    4. Each IP can only have one account. This is a bit harder to accomplish and is probably not a good idea. But it is an option.

    5. ZB Block.
    http://www.spambotsecurity.com/zbblock.php

    If anyone knows of other good Anti-spam tools, please post a link bellow.

    If enough "likes" or posts get in this thread, maybe we can convince the higher-ups to get better anti-spam.


    :)
    DevynCJohnson likes this.
  2. lobo

    lobo Active Member

    Messages:
    130
    Likes Received:
    74
    Trophy Points:
    28
    Bad idea as users with dynamic IP addresses which spammers have been using, or tor users (like me) get banned as well.
    Putting a post/join date limit on that seems acceptable.
    At least they reveal themselves early on? Otherwise you would have e.g. 10 posts of inane crap before the ads appear...
    Unenforceable and see my comments regarding dynamic IP ranges / tor above.
    They probably use it on their own site and it blocks tor as well - so more IP banning. I don't see xenforo mentioned anyway?
    Better captcha, more controls on who can post links, etc, makes spammers more manageable, without locking out innocent users.
    DevynCJohnson likes this.
  3. MikeyD

    MikeyD Active Member

    Messages:
    232
    Likes Received:
    112
    Trophy Points:
    43
    A captcha would definitely help cut down and would probably be more cost-effective to implement. I also don't have a problem with #2, new users shouldn't need the right to create groups or if they need to just let people know they can PM an admin to request it be created.

    I found a post listing some steps other hosts used:

    1. To post on my site you have to register.
    2. Activated email verification
    3. Activate Image Verification
    4. Banned 'free' email domains many spammers use
    5. To post they have to type in the image verification image.
    6. I stopped showing the option to use [urlwww.here.html[/url] and still they managed to post with their spam links

    Heres the link:
    http://www.vbulletin.com/forum/foru...-troubleshooting/223670-how-to-stop-spam-bots

    In the last post he mentions the above steps didn't work right away but within 5 months he was spam-free. If you can track the traffic to see if its coming from a specific domain or area that may help, but with the amount of traffic this site gets I figure that may be difficult.
    DevynCJohnson likes this.
  4. arochester

    arochester Well-Known Member

    Messages:
    855
    Likes Received:
    277
    Trophy Points:
    63
  5. ryanvade

    ryanvade Administrator Staff Member Staff Writer

    Messages:
    1,273
    Likes Received:
    431
    Trophy Points:
    83
    I just got a PM from @Rob . Some new anti-spam changes have been made. So far I am not seeing any changes...
  6. Rob

    Rob Administrator Staff Member

    Messages:
    575
    Likes Received:
    225
    Trophy Points:
    43
    yeah - we'll be working on this today.. also tired of the spammers.. they've stepped it up! heh
  7. mike

    mike Guest

    All groups should be spam free later today. Rather then just wiping them, we are going though each one to make sure the spammer is IP banned. We also put into place higher restrictions to be able to create a new group.
    DevynCJohnson likes this.
  8. lobo

    lobo Active Member

    Messages:
    130
    Likes Received:
    74
    Trophy Points:
    28
    Which will not help as they will never post from the same IP addresses. As I explained above these types of spam countermeasures will just block a lot of innocent users.
  9. DevynCJohnson

    DevynCJohnson Well-Known Member Staff Member Staff Writer

    Messages:
    1,336
    Likes Received:
    1,074
    Trophy Points:
    113
    #2 - Maybe the "Groups" should be entirely removed (it looks like it has now). The "Groups" page has not been used much anyway.

    I disagree with #4. For example, some universities (like ITT Tech) may have a group of students sign of for a Linux.org account for a Linux class. Since all out going data from the building would be the same IP address, only the first student would get an account. Also, what about people accessing the site and getting an account while at a library or coffee shop with a wifi hotspot?

    #3 - Maybe instead of users getting an account instantly, they must get the account approved by a staff member. Maybe the new user will be required to offer some proof of a legitimate desire to use Linux.org (correctly).
    Haider92 and Mitt Green like this.
  10. DevynCJohnson

    DevynCJohnson Well-Known Member Staff Member Staff Writer

    Messages:
    1,336
    Likes Received:
    1,074
    Trophy Points:
    113
    Many spammers post a web-link on their profile page's status. Can the system flag that user if such activity is seen?
    Haider92 likes this.
  11. DevynCJohnson

    DevynCJohnson Well-Known Member Staff Member Staff Writer

    Messages:
    1,336
    Likes Received:
    1,074
    Trophy Points:
    113
    I have another idea. Comments and posts should have a set minimum amount of characters and should not just be a web-link.

    For example, a post should not just be

    "Linux.org"

    Instead, the post should look more like

    "The answer to your question can be found here on this page (Linux.org). Good luck!"
    Haider92 likes this.
  12. Rob

    Rob Administrator Staff Member

    Messages:
    575
    Likes Received:
    225
    Trophy Points:
    43
    We've had the following in place (among other things):
    1. The forum checks the user's IP address against stopforumspam.com
    - This is one of the most widely used spammer databases out there. It also allows for people who may be on a spammer's old IP to clear the IP so that they can register.

    2. The forum checks how long it took for the user to fill out the registration form
    - If it is too quick (too quick for a human to fill it out) it won't allow registration

    We've added:
    1. Users with less than 7 days on the forum, less than 10 posts, and less than 1 like are in a 'newbie' group
    - The newbie group can't post links or signatures
    - Once a user has been registered for 7 days, has 11 or more posts and at least 1 like, they get auto-promoted into the regular user group
    - All users currently meeting the 'newbie' standards were set to newbie in the user db

    2. Removed the groups section

    3. Tweaked some registration settings

    4. Added hidden fields to registration form (bots/software will fill them out, and won't be allowed to register)

    5. Added more spammer DBs to check for spammer IPs
    |)/-\|) and DevynCJohnson like this.
  13. DevynCJohnson

    DevynCJohnson Well-Known Member Staff Member Staff Writer

    Messages:
    1,336
    Likes Received:
    1,074
    Trophy Points:
    113

    I like the changes. Good thinking!
    Haider92 likes this.
  14. Cyber-Berserker

    Cyber-Berserker Active Member

    Messages:
    232
    Likes Received:
    139
    Trophy Points:
    43
    I like #4. It looks like something that may be effective against bots.
    The only problem I have with #1 is the like requirement. A week and ten posts is not too onerous for new members, but why include the need for a like? It is irrelevant.
    Rob likes this.
  15. Rob

    Rob Administrator Staff Member

    Messages:
    575
    Likes Received:
    225
    Trophy Points:
    43
    I liked your post ;)

    The 1 like makes sure that the new user isn't just waiting 7 days and posting 10 useless posts..
  16. Cyber-Berserker

    Cyber-Berserker Active Member

    Messages:
    232
    Likes Received:
    139
    Trophy Points:
    43
    What if the new member is a newbie and is only a****g questions and a****g for the answers to be explained further? That person would be unlikely to have any likes.
  17. Rob

    Rob Administrator Staff Member

    Messages:
    575
    Likes Received:
    225
    Trophy Points:
    43
    Then they wouldn't be able to have a sig or post links until they earned a like.. either by helping another user.. posting something productive.. etc..
  18. cenyebin

    cenyebin New Member

    Messages:
    24
    Likes Received:
    2
    Trophy Points:
    3
    I like this post .thanks
  19. |)/-\|)

    |)/-\|) Member

    Messages:
    30
    Likes Received:
    11
    Trophy Points:
    8
    What would be really great is if all of the raw programing talent on this sight could get together and build a spam-bot killer....;)
    DevynCJohnson likes this.
  20. DevynCJohnson

    DevynCJohnson Well-Known Member Staff Member Staff Writer

    Messages:
    1,336
    Likes Received:
    1,074
    Trophy Points:
    113
    My programming specialty is artificial intelligence, so we already have some feasibility.
    Haider92 likes this.

Share This Page