| View previous topic :: View next topic |
| Enforce login mechanism to post? |
| Yes |
|
61% |
[ 8 ] |
| No |
|
38% |
[ 5 ] |
|
| Total Votes : 13 |
|
| Author |
Message |
dylan
|
 Posted: Tue Aug 01, 2006 2:15 pm Post subject: Lots of spam lately |
 |
|
The forum has been getting hit pretty hard lately by spam.
Perhaps its time we enforce a login mechanism? I'd like to see what the people think about this, in a democratic manner. So, I'm putting up a poll.
|
|
|
 |
r7
|
| Posted: Tue Aug 01, 2006 4:40 pm Post subject: Re: Lots of spam lately |
|
|
| dylan wrote: | | The forum has been getting hit pretty hard lately by spam. |
and notice how quickly it disappears...
| dylan wrote: | | Perhaps its time we enforce a login mechanism? I'd like to see what the people think about this, in a democratic manner. So, I'm putting up a poll. |
i have voted no. i think a more constructive course of action would be for more folk to take a more active role in deleting spam. anyone want to moderate a forum?
|
|
|
|
jebba
|
| Posted: Tue Aug 01, 2006 6:02 pm Post subject: |
|
|
doh. i'm dumb. i meant to vote "no". Minus one for yes, plus one for no. ;)
|
|
|
|
Jason
|
| Posted: Tue Aug 01, 2006 6:44 pm Post subject: |
|
|
I vote no. I mean we got enough people with mod status to note IP, delete post and ban IP. The only thing that gives away spam exists here is the user list something we can deal with if it becomes out of control. It takes 1 minute to create an account to spam with and just 5 seconds to delete it.
|
|
|
|
stevo32
|
| Posted: Tue Aug 01, 2006 10:34 pm Post subject: |
|
|
I voted no. I just wish Jeff would let me & r7 have access to the firewall so we can add 'em in without going through jebba (of course, I understand that would have some security implications too...).
Thanks,
Stephen Clement
|
_________________
E-mail me at s.clement@localhost (replace localhost with sympatico.ca) or stevo32@localhost (replace localhost with blagblagblag.org). |
|
|
dylan0
|
| Posted: Wed Aug 02, 2006 1:28 pm Post subject: |
|
|
I wouldn't mind moderating this forum, but I am very busy getting a Free Software convention started in my hometown before school begins, so I'm very busy.
I mean, I can't tell some little kid to come here for help if there's p0rn spam in the forums. But as long as its moderated, I guess there's no problem?
|
|
|
|
jebba
|
| Posted: Wed Aug 02, 2006 4:19 pm Post subject: |
|
|
Well, you can't tell a kid to go on the net period, then.
We get hit by a lot of spam, but we also clean up very quickly.
|
|
|
|
Praxis
|
| Posted: Wed Aug 02, 2006 5:54 pm Post subject: |
|
|
While its true that you guys do a fantastic job of cleaning up the spam quickly, what vexes me is that I like to check out posts that were made since the last time I logged in. And I'm 8 hours out of sync with the forum maintainers, so a lot of spam has built up by the time I check the forum. So about half the time I'm checking out posts that have been modified by a nice fresh hunk of spam. Also, this means I get to see a lot more spam than someone just randomly browsing the forums for interesting subjects or doing a search.
I like the notion of being able to post to the forum without mucking with registration. I love the Bugmenot Firefox extension. http://roachfiend.com/archives/2005/02/07/bugmenot/ It enables me to visit news web sites without bothering with registration. But the purpose of those registrations is to track you for marketing purposes and send you unsolicited email. Forum registration is to keep other forum users from being annoyed by similar commercial solicitations.
I don't think the forum needs one of those 'hit the link in the return email' registration processes, because I think the spam is probably being generated by bots. Maybe just 'pick a username and a password' login, supplemented by one of those little glyphs that requires you to type in a fuzzy number.
The glyph seems necessary because the bots seem to be forming spam accounts at a geometric rate. Look at page 3 of the memberlist and the vast majority of accounts seem to be from real people and were added over a period of almost 3 months. On page 41 all of the usernames look like spammers and they accumulated in less than 1 day.
On the other paw, maybe just adding a couple of moderators would be sufficient, at least in the short term.
I don't think this should be a democratic decision, in the sense of one poster, one vote. Most of us aren't doing much of the important work, so I think those that are doing most of the grunt work should make the decision. And since folks like jebba, r7, Jason & stevo32 seem to be against requiring registration, that should be decisive, but I'm just posting my opinion for them to see the "reasoning" of those who think otherwise.
|
|
|
|
jebba
|
| Posted: Wed Aug 02, 2006 6:24 pm Post subject: |
|
|
The "fuzzy number" thing you are referring to is often called "captcha". See this wikipedia entry:
http://en.wikipedia.org/wiki/Captcha
Captcha is probably the most effective way to block web spam bots. It does have a small drawback in that some people can't read them for one reason or another (an obvious one being blind people that use screen readers). Also, every time you put up one more hurdle for people to go over, you lose people.
Right now we're in the process of moving the forums from one of my boxes to Jason's. The phpBB crowd has created a number of extensions to help with spam and such. Perhaps Jason will have time to look more deeply into it.
As much as I don't really like them, i think a captcha solution would be a decent middle ground (note to Jason: I think it requires ImageMagick's `convert` program).
Thanks,
-Jeff
|
|
|
|
Jason
|
| Posted: Fri Aug 04, 2006 8:21 am Post subject: |
|
|
Well most of the spam has now gone. This includes the user accounts. We went from just over 2100 or so down to less than 600. Not all of these remaining are active by any means because we aren't deleting people with 0 posts. The accounts deleted were those with 0 posts AND a link to a rogue website. This was a manual process so undoubtedly I have missed a few. If anyone sees any I missed, just message me or one of the admins and we can delete it. We are banning the IP's of the spammers server wide as a counter measure.
Captcha is cool and has its purposes but would get in the way here I feel. I know of someone who makes use of captcha per POST. How frigging annoying is that!
I know sometimes threads see a lot of spam but it will never be there for more than a few hours that is for sure. So it is not really a problem.
|
|
|
|
jebba
|
| Posted: Fri Aug 04, 2006 5:14 pm Post subject: |
|
|
Thanks Jason!
|
|
|
|
ewl
|
| Posted: Tue Aug 22, 2006 1:46 pm Post subject: |
|
|
I check the forums a lot. If you felt safe giving me access I would like to volunteer deleting them. It would be a way for me to give something back to the project.
|
_________________
Ed LaBonte |
|
|
jebba
|
| Posted: Tue Aug 22, 2006 4:55 pm Post subject: |
|
|
ewl, pop around to #blag in irc.indymedia.org and me, stevo32, or r7 can get you set up.
-Jeff
|
|
|
|
john maclean
|
| Posted: Tue Aug 22, 2006 11:34 pm Post subject: |
|
|
also have a look at the settings in your account if you have registered. There's an option to have a notification of new posts in your email. you'll emailed something like
"forums... you have been sent this email because you have chosen to watch new topics and posts. if you want to see the post, click here <url> and if you no longer want to watch this topic click here <url> ..."
with which you will be taken directly to that new post. If it's spam` rm` and it's gone. That's how I deal with it. I don't think that it's ever there for more than a couple of hours.
Notify the chaps at irc.indymedia.org #diespamdie of the IP address of the spammer.
|
_________________
BLAG 'em up! |
|
|
|
