Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
turn verify by admin back on in General please

Quote:<blockquote data-ipsquote="" class="ipsQuote" data-ipsquote-contentcommentid="15458" data-ipsquote-username="hybrid" data-cite="hybrid" data-ipsquote-timestamp="1320651342" data-ipsquote-contentapp="forums" data-ipsquote-contenttype="forums" data-ipsquote-contentid="4195" data-ipsquote-contentclass="forums_Topic"><div>
<blockquote data-ipsquote="" class="ipsQuote" data-ipsquote-contentcommentid="15395" data-ipsquote-username="feedmebits" data-cite="feedmebits" data-ipsquote-timestamp="1320450670" data-ipsquote-contentapp="forums" data-ipsquote-contenttype="forums" data-ipsquote-contentid="4195" data-ipsquote-contentclass="forums_Topic"><div>haha thx mate :) 

I have an idea though. Isn't it possible that you have to make at least 10 posts before your posts doesn't have to get approved by an admin.

and same for status and posting links. Spammers only post 1-3 posts and spam status updates?

Quite possible to do this -- but we need to fully test the impact this has on new members first. Some of the messages that users get when they hit these limits aren't very user-friendly, and the last thing we'd want to do is put off legitimate users!


Unfortunately, I can't find a way to prevent status updates until a certain post threshold is released.


I agree, just trying to think of ways to get rid or reduce these annoying spammers.


Nuke it from orbit. It's the only way to be sure.

I got another idea though. I think it would be smart to change the email addresses and passwords to some random ones to members that are in the banned group. So that can't relogin via a proxy or something like that?
Anyone in the banned group is given no permissions. If they login, they can't do anything anyway -- not even read the forums, which guests can! Banned accounts are therefore useless, even if you know the password and try and get back in.

The more you block spam accounts, the quicker the spam master discards the account and attempts to re-register another one.


I helped out on one forum where we had a policy of removing posting privs for identified spam accounts but not actually disabling or deleting the account. Spambots would then successfully login and try to inject a new post but never check the results, allowing us to track the login attempts and originating IP addresses, reporting these to the upstream hosting companies as compromised servers or trojaned home machines.


Because we never deactivated the accounts, the botmaster never twigged that the accounts weren't actually spamming. It's kinda treating their spam account as a honeypot.


It doesn't work all the time, but there are times when leaving an open door in front of a snakepit is more effective than locking the door.

Those FW rules really helped. Less spammer whacking to do :)

Forum Jump:

Users browsing this thread: 1 Guest(s)