I wanted to run something by the general forum public before I went ahead and implemented it, partially for feedback and partially as a notice about the general situation. If you hadn't noticed, we've had a bit of a spam problem for the last several months. While I'm sure many of you have noticed spam posts showing up occasionally, the issue has been much more problematic than you probably realize. The total number of bots that have attempted to hit the forums over the past few months is in excess of 50 million. At one point we were getting approximately 1.3 million spambot registration attempts every day. We've adapted our protection over time to combat this influx and as of a few weeks ago I believe we finally stopped all fully automated bots from registering on the forum. I believe that all of the spam you are seeing now is by spam accounts which were created with human assistance. Unfortunately, there's nothing we can do about spammers who use humans to bypass our security system. Some of those spammers will always get through on any forum that does not pre-screen every single registration attempt, and that's not really an option for the Org for many reasons.

A pattern I have noticed in the spam posts that are still getting through is that they immediately post links in their posts, pretty much always to pirated movies of some kind. As a result, I have proposed to the staff that we add on a new level of protection that prevents newly registered members from posting links in their first X posts (I have suggested X = 3). I'm not sure how well this will work, but I believe it is worth a try. However, this does somewhat revert Org's policy on new member posting freedom which we've been opening up ever since we abolished the Junior Member system many years ago. As such, I want to get some opinions and commentary on this situation before I go any further. Please let me know what you think of this proposal.

But if they're human assisted, they're just post three regular posts then the links, won't they?

Another (possible) solution is to have the first 1/2 posts moderator approved.

But if they're human assisted, they're just post three regular posts then the links, won't they?

Possibly, but they might not be that committed to the situation. It's probably just a sweatshop somewhere using humans to bypass Captcha checks. The posts themselves are probably just cut and paste, or maybe even automated. If it proved ineffective, I'd remove the restriction anyway.


Another (possible) solution is to have the first 1/2 posts moderator approved.

Frankly, I don't think we have the manpower to do that kind of system well. It could take days for some posts to get approved, depending on the forum, and that would likely frustrate new members into not returning.

Worth trying; you seem to block most of them anyhow.

Worth trying, as others have posted. If it works, great, if it doesn't we scrap it.

Could just limit it to one post couldn't you....

Most of the spam bots I see only usually make one post anyway and I can't imagine too many new members put a link in their first post...

Could even introduce a warning after the posters first post telling him a link isn't allowed in a first post. I assume a bot wouldn't get through that?

I actually added a different spam security system yesterday and it's still in testing mode. The new layer is supposed to scan the first X (currently 5) posts a person makes on the forum for spam-like content and then put the posts in moderation (invisible to non-staff) if they're found to be positive. Staff can then approve the posts if they're legit or delete them if they're spam and nuke the account. So far we haven't actually had any bots slip through the registration checks so I can't tell yet whether it's effective. I'm going to monitor it for a few weeks and see how it does before I think further about the method I proposed in the OP.

[edit] Well, appears that one has already gotten through and was not picked up by the new system. That's disheartening. I'll continue to monitor it for a while though.


I assume a bot wouldn't get through that?

I don't know. As I said, the bots that are still getting through are likely human-assisted, so it's entirely possible that humans could be doing the posting and thus get around the block.

:laugh4:

Sorry the edit made me laugh a little. I would imagine it is better that a few bots get through the new system rather than it starts deleting (or making invisible to regular users) posts of genuine new members...

Also my mistake I just assumed the human assistance would come in the form of Captchas only rather than other stages of the process as well.

Just got another Spam post in the Rome2 forum.

I wanted to run something by the general forum public before I went ahead and implemented it, partially for feedback and partially as a notice about the general situation. If you hadn't noticed, we've had a bit of a spam problem for the last several months. While I'm sure many of you have noticed spam posts showing up occasionally, the issue has been much more problematic than you probably realize. The total number of bots that have attempted to hit the forums over the past few months is in excess of 50 million. At one point we were getting approximately 1.3 million spambot registration attempts every day. We've adapted our protection over time to combat this influx and as of a few weeks ago I believe we finally stopped all fully automated bots from registering on the forum. I believe that all of the spam you are seeing now is by spam accounts which were created with human assistance. Unfortunately, there's nothing we can do about spammers who use humans to bypass our security system. Some of those spammers will always get through on any forum that does not pre-screen every single registration attempt, and that's not really an option for the Org for many reasons.

A pattern I have noticed in the spam posts that are still getting through is that they immediately post links in their posts, pretty much always to pirated movies of some kind. As a result, I have proposed to the staff that we add on a new level of protection that prevents newly registered members from posting links in their first X posts (I have suggested X = 3). I'm not sure how well this will work, but I believe it is worth a try. However, this does somewhat revert Org's policy on new member posting freedom which we've been opening up ever since we abolished the Junior Member system many years ago. As such, I want to get some opinions and commentary on this situation before I go any further. Please let me know what you think of this proposal.

I think it's a great idea, except I would make X = 10. I think 3 is way too low, even 5 sounds a bit low to me.

The only thing I can think of that would me somewhat frustrating is for new members who sign up in order to drum up visibility and support for their projects and mods by providing links. On the other hand, there's something to be said about introducing oneself first, and making an attempt to "participate" in our community before launching into a spiel.

Making X = 10 to me seems like a much greater incentive to discontinue the casual "human spam bots", because it increases their work more than threefold in order to even get to the point of posting spam links.

:bow:

Dont know if you have already implemented this mate, but i think you should. It seems effective enough and we are all tired of spams so i say go for it.

Links can no longer be posted on the Org by anyone who has made fewer than 3 posts. We'll see how that works and adjust accordingly.

Links can no longer be posted on the Org by anyone who has made fewer than 3 posts. We'll see how that works and adjust accordingly.

Well thats good news. I really hope that it works mate.

Sorry to bump, but did this really happen? I'm seeing plenty of spambot posts lately, all containing links.

They adapted: they post 3 posts and then edit in links.

Is there any other ideas? I've also been seeing a ton of spam lately. By making a limit wouldn't the bots/ spammers just clutter the forums more?

Don't want the .Org to be as cluttered as TWC.

Any other filters/ tools that can counter spammers? I'm interested in this.

Do we collect stats on registered account email address domains? Several of the bots I have gibbed lately seem to have registered with one disposable email service. Can we filter on these or is this too restrictive for new users?

We currently use a wide range of measures to block spammers, including registration checks (bans on specific IP addresses, usernames, email addresses) as well as checks/restrictions on initial posts and so on. In the main these are very successful, blocking literally millions of spam bot registrations.

The spammers that are still getting through are almost certainly at least human-aided. There's not a lot we can do to prevent this without impacting on genuine attempts to register.

We can explore wider IP range exclusions, bans on certainly email providers and the like if the problem gets noticeably worse.

We'll try to think about more measures.

In the meanwhile, you can actively help us fighting the spam horde, by reporting every spam post and thread you encounter.

We'll try to think about more measures.

In the meanwhile, you can actively help us fighting the spam horde, by reporting every spam post and thread you encounter.

You already had it, restriction to the Entrance Room before aquiring the membership to post in the other sections. That worked great. Backroom is still free of spam but it would be better if it would be invite/request only again. The pictures and stories aren't possible in an open forum everybody can see, cue: our MRD. I'd love to hear more but it's impossible like this

Not sure if it's getting better or worse, but it still problematic. Have certain e-mail providers already been blocked, cause I think that might actually do the trick. While the post limit for url's has probably backfired as all accounts post 3 topics in a row.

Welcome to our newest member, Andres

:thinking:

EDIT: His title is "Administrator". They're getting clever...

Yes, they are.

New registrations are suspended for the time being.

How can a new member register with an existing users name...? Seems more like an exploit in vBulletin.

How can a new member register with an existing users name...? Seems more like an exploit in vBulletin.

Indeed, that appears to be exactly what it is. It's from a new vb hack that popped up recently. Fortunately we have secondary security measures that appear to have prevented the hacker from causing any harm. Registrations will likely remain offline for a few days while we make sure we've got the exploit handled, but there shouldn't be any cause for alarm at this point.