Thread: JCSref comments spammed
View Single Post
FQuist

JCF Member

Joined: Sep 2001

Posts: 3,251

FQuist is an asset to this forumFQuist is an asset to this forum

Jan 27, 2007, 11:57 AM
FQuist is offline
Reply With Quote
Sort of. You could best search for some articles on the subject. There are bound to be many. I will quickly sketch a few explanations of things you can do:

1. Disable anonymous posting. Spambots love anonymity. While some forums might want to allow anonymity, in these days it is only possible if you have exquisite spam protection (see other points). Unless you have such protection, be wary of allowing anonymous users to post.

2. Enable CAPTCHA / install a CAPTCHA plugin. These "note down the symbols in the image" plugins count on bots not being able to read images. In a lot of instances, they cannot. In some, they can. Spambots are being trained to crack more and more CAPTCHA types. Still, some will help a lot. Most forum software will either have options or plugins available to enable captcha plugins, either before posting or during registration. The JCF has CAPTCHA enabled

3. Raise hurdles. Spambots look for forms that they can put their spam in, and submit. Most of them are automatic, even if some are not. Spambots are sometimes trained by humans to work with certain sites. Spambots have no problem registering to J2O, for example, even though the site is homemade. Still, if you add hurdles, like, say, an extra checkbox you need to check before you can post (our wiki and submit news forms both use techniques such as these to prevent spam and it works great), many spambots will be foiled. I'm not sure if I should go into the system the JCF uses, but we have a 'hurdle' against spambots, an idea by Link, and since we've implemented it we've had (virtually?) no spam. The downside of hurdles is that spam bots may learn to overcome them.

4. Use distributed spam protection. Some software, I don't remember the name, but google will help you, enables you to connect / talk to a central server that contains IPs of known spammers, or lists of common spam words / phrases. Akismet is an example. Many blog software (and perhaps forums) have plugins to work with Akismet.

I will probably use approach 3 for jcs.REF. It worked well enough for J2O so far. In the end, Spam is pretty much way too strong, defeating most existing systems slowly. I've (manually, mostly one by one) deleted at least 10,000 spam messages on my blogs so far, for example, that passed the protection I had installed but which the spam software learned to foil.
__________________
“The truth is that everything that can be accomplished by showing a person when he's wrong, ten times as much can be accomplished by showing him where he is right.” - Robert T. Allen

Interesting Jazz-related links:
Thread: Gameplay Theories - Thread: Make Up Your Own Gametype

Spotify.fm