Managing spam posting



  • I think this may be as good of time as any to discuss limiting spam. It's something I haven't really done before other than on WordPress sites which offer many ways to do this.

    What are some unobtrusive things that can decrease spams?

    Is captcha still effective?



  • Phone # verification. I'm not sure if anything else is effective against spam. Captcha has been ineffective pretty much since introduction, you can buy services in India where they have real people solving captcha in real time for peanuts. Like 2-3k captchas for $2.



  • @marcinozga said in Managing spam posting:

    Phone # verification. I'm not sure if anything else is effective against spam. Captcha has been ineffective pretty much since introduction, you can buy services in India where they have real people solving captcha in real time for peanuts. Like 2-3k captchas for $2.

    Phone number verification is not well liked around here. I don't like having phone number tied either as it can be faked or you lose anonymity.



  • Minimum reputation to make new topics? I know it's an old concept, and I believe it's already been discussed here, but it seems like it would be an effective solution.



  • There is so many ways to handle this - I am surprised it hasn't been addressed yet...



  • @bnrstnr said in Managing spam posting:

    Minimum reputation to make new topics? I know it's an old concept, and I believe it's already been discussed here, but it seems like it would be an effective solution.

    Not sure that would be workable

    Be deleting posts in threads rather than just that thread...

    That’s a @scottalanmiller question



  • Maybe start with the tools that the platform provides?

    https://www.npmjs.com/package/nodebb-plugin-spam-be-gone



  • It doesn't matter what the solution is, spammers will find a way around that. The only way to stop spam is to force them to spend money.



  • Captcha will help against bots. Try that first. Also, start blocking posts if they contain certain spam phrases. Block known ip spam lists.



  • @marcinozga said in Managing spam posting:

    Phone # verification. I'm not sure if anything else is effective against spam. Captcha has been ineffective pretty much since introduction, you can buy services in India where they have real people solving captcha in real time for peanuts. Like 2-3k captchas for $2.

    If you can buy services in India to solve captchas, maybe you can buy services to identify and remove spam manually as well. And an infinite loop of work is created. 🤪



  • @Obsolesce said in Managing spam posting:

    Captcha will help against bots. Try that first. Also, start blocking posts if they contain certain spam phrases. Block known ip spam lists.

    Um, it won't. Well, maybe just the ones written by script kiddies. Bots have built-in captcha solving, either with services like anti-captcha or some even include OCR and other advanced logic to solve captcha. Google xrumer or scrapebox.



  • @Pete-S said in Managing spam posting:

    @marcinozga said in Managing spam posting:

    Phone # verification. I'm not sure if anything else is effective against spam. Captcha has been ineffective pretty much since introduction, you can buy services in India where they have real people solving captcha in real time for peanuts. Like 2-3k captchas for $2.

    If you can buy services in India to solve captchas, maybe you can buy services to identify and remove spam manually as well. And an infinite loop of work is created. 🤪

    It would be nice, unfortunately while solving captcha workflow and integration with bots is trivial, catching and removing spam is not. Not to mention potential security implications.



  • Right now, as are pretty much discussing a single bot. Perhaps captcha would solve this bot. There hasnt been many other spam posts that I know about on here.



  • @marcinozga said in Managing spam posting:

    It doesn't matter what the solution is, spammers will find a way around that. The only way to stop spam is to force them to spend money.

    bc5e8d90-f68d-4bf3-b04a-a517904b5d83-image.png



  • @marcinozga said in Managing spam posting:

    @Obsolesce said in Managing spam posting:

    Captcha will help against bots. Try that first. Also, start blocking posts if they contain certain spam phrases. Block known ip spam lists.

    Um, it won't. Well, maybe just the ones written by script kiddies. Bots have built-in captcha solving, either with services like anti-captcha or some even include OCR and other advanced logic to solve captcha. Google xrumer or scrapebox.

    I was referring to these on here, just assuming it's a single dumb bot.

    Otherwise blocking threads with those phrases will help likely perfectly in these cases.



  • @Obsolesce said in Managing spam posting:

    @marcinozga said in Managing spam posting:

    @Obsolesce said in Managing spam posting:

    Captcha will help against bots. Try that first. Also, start blocking posts if they contain certain spam phrases. Block known ip spam lists.

    Um, it won't. Well, maybe just the ones written by script kiddies. Bots have built-in captcha solving, either with services like anti-captcha or some even include OCR and other advanced logic to solve captcha. Google xrumer or scrapebox.

    I was referring to these on here, just assuming it's a single dumb bot.

    Otherwise blocking threads with those phrases will help likely perfectly in these cases.

    For instance any posts having the word "carpet" will be sent to a moderator before being posted.



  • Ya there's lots to be done, but the owners haven't been taking it seriously it seems.



  • @Obsolesce said in Managing spam posting:

    Ya there's lots to be done, but the owners haven't been taking it seriously it seems.

    👆 👍



  • Seems like enabling New User Restrictions would help. But this required enough manpower to review the posting queue--

    4ffe3b1a-bb75-466c-a43e-0f8f9f8cc809-image.png



  • My thought was just giving some trusted people here moderator status so we can just delete it ourselves. there is at least 5 people willing to do this and we're on here all the time


  • Banned

    @wirestyle22 said in Managing spam posting:

    My thought was just giving some trusted people here moderator status so we can just delete it ourselves. there is at least 5 people willing to do this and we're on here all the time

    Yeah, it's certainly an option, we know @gjacobse is a moderator, but he seems to be a bit busy and not able to be around as much.



  • @DustinB3403 said in Managing spam posting:

    @wirestyle22 said in Managing spam posting:

    My thought was just giving some trusted people here moderator status so we can just delete it ourselves. there is at least 5 people willing to do this and we're on here all the time

    Yeah, it's certainly an option, we know @gjacobse is a moderator, but he seems to be a bit busy and not able to be around as much.

    yea - a full time non-NTG job will do that to a person. I do what I can or feel like I need to do when I can.



  • It’s funny that you need reputation to up/down vote a post, but anyone can post anything they want as a newly registered used 🤔



  • How about a requirement of a reputation of one to make a post? Then just make people post “I have read and agreed to the rules” on the rules post then any one who isn’t a new member can upvote the post, and bingo they have full access 🙂



  • Jeff Feeling write an awesome module for Drupal called Honeypot. It adds a field to the register page that when it's filled out the system ignores the registration. That field is hidden with CSS so normal people don't see it but the boys fill it out because it's a field. Not sure if NodeBB had anything like that at all though.



  • @stacksofplates said in Managing spam posting:

    Jeff Feeling write an awesome module for Drupal called Honeypot. It adds a field to the register page that when it's filled out the system ignores the registration. That field is hidden with CSS so normal people don't see it but the boys fill it out because it's a field. Not sure if NodeBB had anything like that at all though.

    Sounds like something that could be easily detected, aka avoid, by bots.



  • @IRJ said in Managing spam posting:

    I think this may be as good of time as any to discuss limiting spam. It's something I haven't really done before other than on WordPress sites which offer many ways to do this.

    There are a lot of simple options. @scottalanmiller just needs to pull his head out of his ass on his attitude towards spam accounts.



  • @Dashrender said in Managing spam posting:

    @stacksofplates said in Managing spam posting:

    Jeff Feeling write an awesome module for Drupal called Honeypot. It adds a field to the register page that when it's filled out the system ignores the registration. That field is hidden with CSS so normal people don't see it but the boys fill it out because it's a field. Not sure if NodeBB had anything like that at all though.

    Sounds like something that could be easily detected, aka avoid, by bots.

    It works really well. You can name the field whatever you want so it's not like it's a default name for every site. It also throws out a registration if it takes longer than the time you define. I think the default is 5 seconds. These methods together catch a ton of bots in my experience.


  • Banned

    @gjacobse said in Managing spam posting:

    @DustinB3403 said in Managing spam posting:

    @wirestyle22 said in Managing spam posting:

    My thought was just giving some trusted people here moderator status so we can just delete it ourselves. there is at least 5 people willing to do this and we're on here all the time

    Yeah, it's certainly an option, we know @gjacobse is a moderator, but he seems to be a bit busy and not able to be around as much.

    yea - a full time non-NTG job will do that to a person. I do what I can or feel like I need to do when I can.

    I wasn't bashing, just making the statement that you are a mod and have been busy



  • Maybe they're enjoying the extra traffic. 🤷♂


Log in to reply