Managing spam posting

marcinozga

@Obsolesce said in Managing spam posting:

Captcha will help against bots. Try that first. Also, start blocking posts if they contain certain spam phrases. Block known ip spam lists.

Um, it won't. Well, maybe just the ones written by script kiddies. Bots have built-in captcha solving, either with services like anti-captcha or some even include OCR and other advanced logic to solve captcha. Google xrumer or scrapebox.

marcinozga

@Pete-S said in Managing spam posting:

@marcinozga said in Managing spam posting:

Phone # verification. I'm not sure if anything else is effective against spam. Captcha has been ineffective pretty much since introduction, you can buy services in India where they have real people solving captcha in real time for peanuts. Like 2-3k captchas for $2.

If you can buy services in India to solve captchas, maybe you can buy services to identify and remove spam manually as well. And an infinite loop of work is created. :crazy_face:

It would be nice, unfortunately while solving captcha workflow and integration with bots is trivial, catching and removing spam is not. Not to mention potential security implications.

IRJ

Right now, as are pretty much discussing a single bot. Perhaps captcha would solve this bot. There hasnt been many other spam posts that I know about on here.

Alex Jones

@marcinozga said in Managing spam posting:

It doesn't matter what the solution is, spammers will find a way around that. The only way to stop spam is to force them to spend money.

Obsolesce

@marcinozga said in Managing spam posting:

@Obsolesce said in Managing spam posting:

Captcha will help against bots. Try that first. Also, start blocking posts if they contain certain spam phrases. Block known ip spam lists.

Um, it won't. Well, maybe just the ones written by script kiddies. Bots have built-in captcha solving, either with services like anti-captcha or some even include OCR and other advanced logic to solve captcha. Google xrumer or scrapebox.

I was referring to these on here, just assuming it's a single dumb bot.

Otherwise blocking threads with those phrases will help likely perfectly in these cases.

1337

@Obsolesce said in Managing spam posting:

@marcinozga said in Managing spam posting:

@Obsolesce said in Managing spam posting:

Captcha will help against bots. Try that first. Also, start blocking posts if they contain certain spam phrases. Block known ip spam lists.

Um, it won't. Well, maybe just the ones written by script kiddies. Bots have built-in captcha solving, either with services like anti-captcha or some even include OCR and other advanced logic to solve captcha. Google xrumer or scrapebox.

I was referring to these on here, just assuming it's a single dumb bot.

Otherwise blocking threads with those phrases will help likely perfectly in these cases.

For instance any posts having the word "carpet" will be sent to a moderator before being posted.

Obsolesce

Ya there's lots to be done, but the owners haven't been taking it seriously it seems.

Alex Jones

@Obsolesce said in Managing spam posting:

Ya there's lots to be done, but the owners haven't been taking it seriously it seems.

:backhand_index_pointing_up: :thumbs_up:

Danp

Seems like enabling New User Restrictions would help. But this required enough manpower to review the posting queue--

wirestyle22

My thought was just giving some trusted people here moderator status so we can just delete it ourselves. there is at least 5 people willing to do this and we're on here all the time

DustinB3403

@wirestyle22 said in Managing spam posting:

My thought was just giving some trusted people here moderator status so we can just delete it ourselves. there is at least 5 people willing to do this and we're on here all the time

Yeah, it's certainly an option, we know @gjacobse is a moderator, but he seems to be a bit busy and not able to be around as much.

gjacobse

@DustinB3403 said in Managing spam posting:

@wirestyle22 said in Managing spam posting:

My thought was just giving some trusted people here moderator status so we can just delete it ourselves. there is at least 5 people willing to do this and we're on here all the time

Yeah, it's certainly an option, we know @gjacobse is a moderator, but he seems to be a bit busy and not able to be around as much.

yea - a full time non-NTG job will do that to a person. I do what I can or feel like I need to do when I can.

Alex Jones

It’s funny that you need reputation to up/down vote a post, but anyone can post anything they want as a newly registered used

Alex Jones

How about a requirement of a reputation of one to make a post? Then just make people post “I have read and agreed to the rules” on the rules post then any one who isn’t a new member can upvote the post, and bingo they have full access

stacksofplates

Jeff Feeling write an awesome module for Drupal called Honeypot. It adds a field to the register page that when it's filled out the system ignores the registration. That field is hidden with CSS so normal people don't see it but the boys fill it out because it's a field. Not sure if NodeBB had anything like that at all though.

Dashrender

@stacksofplates said in Managing spam posting:

Jeff Feeling write an awesome module for Drupal called Honeypot. It adds a field to the register page that when it's filled out the system ignores the registration. That field is hidden with CSS so normal people don't see it but the boys fill it out because it's a field. Not sure if NodeBB had anything like that at all though.

Sounds like something that could be easily detected, aka avoid, by bots.

JaredBusch

@IRJ said in Managing spam posting:

I think this may be as good of time as any to discuss limiting spam. It's something I haven't really done before other than on WordPress sites which offer many ways to do this.

There are a lot of simple options. @scottalanmiller just needs to pull his head out of his ass on his attitude towards spam accounts.

stacksofplates

@Dashrender said in Managing spam posting:

@stacksofplates said in Managing spam posting:

Jeff Feeling write an awesome module for Drupal called Honeypot. It adds a field to the register page that when it's filled out the system ignores the registration. That field is hidden with CSS so normal people don't see it but the boys fill it out because it's a field. Not sure if NodeBB had anything like that at all though.

Sounds like something that could be easily detected, aka avoid, by bots.

It works really well. You can name the field whatever you want so it's not like it's a default name for every site. It also throws out a registration if it takes longer than the time you define. I think the default is 5 seconds. These methods together catch a ton of bots in my experience.

DustinB3403

@gjacobse said in Managing spam posting:

@DustinB3403 said in Managing spam posting:

@wirestyle22 said in Managing spam posting:

My thought was just giving some trusted people here moderator status so we can just delete it ourselves. there is at least 5 people willing to do this and we're on here all the time

Yeah, it's certainly an option, we know @gjacobse is a moderator, but he seems to be a bit busy and not able to be around as much.

yea - a full time non-NTG job will do that to a person. I do what I can or feel like I need to do when I can.

I wasn't bashing, just making the statement that you are a mod and have been busy

Danp

Maybe they're enjoying the extra traffic. :man_shrugging: