How to eliminate this barrage of crap for $1,000,000

Posted: 7/4/2014 8:20:55 AM
Thierry

From: Colmar, France

Joined: 12/31/2007

It's an international phenomenon. Yesterday we had spammers from Brazil, Cameroon and the USA. Today (up to now) only Bulgaria.

Posted: 7/4/2014 8:06:09 PM
FredM

From: Eastleigh, Hampshire, U.K. ................................... Fred Mundell. ................................... Electronics Engineer. (Primarily Analogue) .. CV Synths 1974-1980 .. Theremin developer 2007 to present .. soon to be Developing / Trading as WaveCrafter.com . ...................................

Joined: 12/7/2007

"It's an international phenomenon. Yesterday we had spammers from Brazil, Cameroon and the USA. Today (up to now) only Bulgaria." - Thierry

Can one be sure about this? - I understand that it is quite easy to "bounce" ones postings etc and make them seem to come from other locations.. even to relay data to other (hopefully willing) servers to scramble IP's and retain anonymity .. There is the TOR browser (I think its a Fire-Fox add-on) that enables the general public to do this (and to "donate" their server for use by TOR so IPs get really muddled), but I suspect there are other methods used by spamming scumbags.

Is forum filtering really the right method of dealing with this blight? - From my engineering perspective, its a bit like trying to get rid of noise in an instrument through filtering, but ignoring the input stage which is collecting the noise.. To me, the input is where the focus should be - The membership subscription, pre-moderation  and authorization to post only being granted following a "vetting" procedure - that or some other strong dis-incentive (such as small membership fee) seems like the only absolutely secure and least complex way to solve the problem.

Forum spamming is obviously quite a large criminal "business" - Whatever "automated" actions or filters one initiates, other sites having the same problem are also likely to eventually initiate - one then ends up with a fairly common set of anti-forum-spam tools to prevent this "business" from operating. This "business" will react in the inevitable way, and become more sophisticated, develop new tools and hacks, and some time down the line we will be getting forum spam again - its likely to be a never ending "arms race".

If this was an engineering problem I was managing, I would call a halt at this point and have a brainstorming session - Put all the issues on the table, and if needed, completely rip-up the existing "design" - Unlike an "arms race" scenario, there is actually nothing to be gained by sophisticating the tools - no commercial or other benefit even if we did manage to "jump ahead" and beat the enemy / competitor for a few years - TW's function isnt to develop anti-spam systems - We need a fix that can be implemented once and will never again need tweaking or modification.

And to my mind, there are only two ways to achieve this - (1) Stop allowing anyone to post simply because they have become a member! Block (pre-moderate) all posts from new members until these posts have been vetted and only allow members the freedom to post without vetting after they have proven themselves. (2) Charge a one-off fee for the "right to post" non spam (membership terminates if they ever do post spam).

" I have CAPTHCAs on new user registration, so we know they're real people and not bots. " - Jason

All that Captcha does is cause potentially genuine members to walk away in frustration - Spammers spend their life reading Captcha and it wont be a problem for them - bots "call home" if they cant decipher the captcha and a human spam employee reads the captcha and decodes it for them. (I was told this by a friend in the IT industry - not sure if its true or just one of these IT tales)

Fred.

Posted: 7/4/2014 10:34:20 PM
Jason

From: Hillsborough, NC (USA)

Joined: 2/13/2005

If we can get the filtering right, I can remove captcha from the sign up process.

Posted: 7/5/2014 1:10:15 PM
Thierry

From: Colmar, France

Joined: 12/31/2007

Why remove the captcha? It's a weak but an additional protection which will not prevent real humans from signing up.

Posted: 7/5/2014 1:18:14 PM
gtc

Joined: 3/30/2012

Don't remove Captcha. It's no big deal for a new member to have to use once.

Where Captcha type schemes drive me to distraction is when I am challenged by one for every transaction on a site. On one such site, I have to solve a small jigsaw puzzle each time by dragging pieces with my mouse. Cute the first time, but just bloody annoying after that.

Posted: 7/5/2014 11:55:13 PM
Jason

From: Hillsborough, NC (USA)

Joined: 2/13/2005

That's a good point.  I have some other ideas to block spammers from signing up, but I'm not going to post them here in case they're paying attention :)

Good news though - so far the spam filter has caught some 50+ posts automatically that never showed up in the forums.  It hasn't caught everything, but it certainly cut down on the problem.

Now, back to our reason for being here in the first place... theremining!

Posted: 7/6/2014 10:57:31 PM
gtc

Joined: 3/30/2012

Thanks for your efforts and well done on the improvement. :-)

Posted: 7/19/2014 4:03:28 PM
Jason

From: Hillsborough, NC (USA)

Joined: 2/13/2005

... And now the comment system is also protected. Death to SPAM!

Posted: 7/19/2014 5:04:33 PM
FredM

From: Eastleigh, Hampshire, U.K. ................................... Fred Mundell. ................................... Electronics Engineer. (Primarily Analogue) .. CV Synths 1974-1980 .. Theremin developer 2007 to present .. soon to be Developing / Trading as WaveCrafter.com . ...................................

Joined: 12/7/2007

Amen!

Many thanks, Jason! - You seem to have done it!

Fred.

Posted: 7/19/2014 11:52:18 PM
RoyP

From: Scotland

Joined: 9/27/2012

Thanks for all of your efforts Jason.

 

Roy

You must be logged in to post a reply. Please log in or register for a new account.