Daily spam, like every single day same thing?
-
Posting rate limit until certain criteria meet to establish credibility of account.
Criteria could be a combination of a variety of conditions. Such as, account age, # of their threads that have been replied to by members and/or some number of members who have met criteria.
So that a newbie account can obtain timely assistance always allow them to reply within their thread once there is a reply by an established member.
It's all about requirements for establishing ones self within the community.
-
Whatever spam protections we have active are being worked around yet again. It's an ongoing fight. The last few days I've noticed they have been coming from a wider array of IP addresses, often multiple attempts per user, so it's probably a botnet at the heart of it.
I'm not sure if anything else might have changed on our side or if it's just an anti-spam measure that was recently worked around by whatever software the bots are running now.
We might be able to look into some different SMF anti-spam controls, which might help again for a little while.
If a question is static, it just takes one human to plug in the answer to their bot before it's broken again, so something dynamic is better.
The devs reccomend having many (20 to 30) registration questions. You can then set the number of questions which must be answered such as 3 to 5 for registration. The forum software will randomly rotate the questions to be answered from the ones you have set to keep the bots from automatically answering them. Obviously this may not help if there is an actual person on the other end registering a spam account but from what the devs at SMF say this is a fairly effective method of keeping the bots away.
-
Multi language questions!
-
If it's bots, many of them won't run client side scripts. If they do it makes them vulnerable to counter attack. So if that is the case, that they are bots, then some well crafted dynamic JS may eliminate the vast majority of them without even being noticed by real users.
-
Make every newbie's first two posts mod approved. Hard to post something on topic in a technical forum if you are a spammer and have no clue otherwise.
-
I didn't notice them morning, but my morning routine was disrupted and I wasn't on the board as early as normally am.. I am quite often checking around 5-530ish chicago time. And normally they are always there. But didn't get on this morning, maybe the mods already deleted them now?
Maybe the group using pfsense forums as message exchange with their coded messages are on vacation? ;) Maybe they got arrested? ;)
Problem I see with mod approval for first few messages is that is just more work for the mod, vs deleting spam and their accounts their having to approve all new members posts, etc.
Guess another option is just more eyes on it? I would be happy help move/delete spam.. Maybe we can get some volunteers that can move the messages into a hidden area so mods can just deal with easier. This keeps the spam from normal users eyes and makes it easier for mods to deal with all in 1 place, etc?
This prevents the volunteers from deleting stuff that is not really spam, if they move stuff they shouldn't then they can be removed from the vol list, etc.
Just spitballing here - got to be way someway to squash this shit…
-
Best practice would be to try prevent it from happening at all rather than dealing with it after it's here. That goes for approving new user posts. That's a lot to ask of the mods and admins, especially on a fairly busy forum such as this one.
-
Read only for all.
Must buy the book for post access.
Unrestricted forum use for support subscribers plus a hot line section or something.
Monetizing isn't necessarily evil if you do it in a way that supports the community.
The only thing is if everyone buys a book would it kill the action here in the forums.
There's a balance for sure. -
Read only for all.
Must buy the book for post access.This would be another kind of forum. BTW not a forum any more but rather "support channel". Why not but not mine, for sure.
As already stated above, this is, in any case, an endless ongoing fight and if making registration more difficult generates more workload from mods, then this is useless and will be more painful, from mods perspective, than deleting spam.
So game is to find the right balance, meaning reasonably complex and dynamic registration process between "open free control-less registration" and process relying on mods approbation after you buy book and report last "6 letters" word printed on page 98.
-
… approving new user posts. That's a lot to ask of the mods and admins ...
Maybe we could share this workload between "validated" board members. Maybe members with more than 100 posts OR a >+10 Karma OR after applying for?
OR at least two veteran board members (your definition here) have to validate new member's first two posts which are parked in a "penalty queue" until final ok.Sharing the approval work load is the key.
-
To me karma is totally meaningless.
You may get "smite" for any good or wrong reason, whatever yo do (or don't) like, the other way around, you may get "applaud" or "thank you" for nothing.Obviously, this doesn't prevent to bring ideas aiming to sanitize this forum ;)
-
Anything that makes more work for the mods/community than deleting spam is not worth the hassle. I also don't like the 'pay to play' idea, it would go against the nature of this forum. The barrier for discussion/posting here must stay low.
As it stands, we get a handful of spam posts a day. Which may be annoying, but it's better than hundreds or thousands, and they do get cleaned up as soon as they're noticed.
-
… approving new user posts. That's a lot to ask of the mods and admins ...
Maybe we could share this workload between "validated" board members. Maybe members with more than 100 posts OR a >+10 Karma OR after applying for?
OR at least two veteran board members (your definition here) have to validate new member's first two posts which are parked in a "penalty queue" until final ok.Sharing the approval work load is the key.
This could possibly work. The best way would be to create a custom mod group with limited moderator permissions so the actual board moderators group isn't expanded beyond a small core group. It would also take a bit of work to vet who the admins would want in this group too, you don't want just anyone trimming posts or wielding a ban hammer.
I'm just not sure if the approval of new member posts is a permission setting that is independent of a regular mods permissions. I do run a small SMF forum so I'll go dig around in the permissions settings and see if that's even possible.
The barrier for discussion/posting here must stay low.
This right here is huge. You make it difficult for new member to participate, even slightly, and it will kill your forum in no time.
-
Did tiered access work for any of the forums out there?
I know at one point Ars tried it. I didn't stay after I was disillusioned with them because they used $5 words but actually were kind of primal in their tactics if they didn't like what you were saying.
Captcha for the bots - don't know what to do about the jerks, though.
-
Captcha for the bots - don't know what to do about the jerks, though.
Ineffective. There's bots out there that can beat captcha. That's where the string of security questions that can only be answered by a person come in.
-
Why just drives me nuts is who in the right mind even follows these links posted in them.. I can understand someone paying someone to post the stuff to try and drive people to wherever they are linking too.
But as who would actually go there even if the board was full of this stuff. I mean really??? I just do not get it.. So if nobody goes, why would you keep paying the people to do it? it really is a sad example of the complete lack of competence in the overall user base of the whole net..
I mean really look at the example shit I posted, who would actually follow anything in such a post???
-
Why just drives me nuts is who in the right mind even follows these links posted in them.. I can understand someone paying someone to post the stuff to try and drive people to wherever they are linking too.
But as who would actually go there even if the board was full of this stuff. I mean really??? I just do not get it.. So if nobody goes, why would you keep paying the people to do it? it really is a sad example of the complete lack of competence in the overall user base of the whole net..
I mean really look at the example shit I posted, who would actually follow anything in such a post???
People are strange. I get a kick out of reading my spam.
The pornographers use credit cards out of necessity.
The root issue is there's no online universal identity. Making identities is trivial and therefore a vector in which shenanigans is spawned through.
-
But as who would actually go there even if the board was full of this stuff. I mean really??? I just do not get it.. So if nobody goes, why would you keep paying the people to do it?
The wonderful and horrible thing about the internet is that it's given us access to a big planet.
When the bots have access to a potential pool of billions of users, you only need to sucker a small percentage to get some return.Unfortunately we're victims of our own success in that having an active vibrant (one of the best out there IMHO) forum means you're a target for the creeps trying to take advantage.
Annoying (as hell some days) but part of the price of "freedom" and keeping this forum and the pfSense product healthy.
Just my $.02
-
Yeah I agree there are billions of people.. How many truly special individuals are their out of the billions.. Since who else would follow such junk.. I mean come on.. You have to have seen the stuff I am talking about. I am not talking about a well implemented phishing thread where seems like someone asking a question or truly trying to help out someone else, etc..
This is just JUNK that is not even posted in the language of the board.. Nobody could be that stupid to follow that shit?? Maybe its the curious people w4rh that follows the links out of morbid curiosity on what could possible be at the end of this url.. etc..
While there are billions on the planet, there are not billions on the internet.. And even a smaller portion on actual forums and such… I just do not see how this could be a cost effective means of drawing traffic to your url.. I just don't get it.. Maybe its just trying to get something to show up on search engines via links the the search engine bots find via their crawling?? That might make more sense than anyone actually clicking on anything in the crap that is being posted..
Either that or its people sending secret messages to each other ;) While it never ceases to amaze me the overall general pure stupidity of the average person, nobody could be stupid enough to think they are going to get a good buy following such spam?? Come on I don't even think the idiots on the pfsense facebook page are that stupid ;)
-
While there are billions on the planet, there are not billions on the internet..
Well…. the world population is touted to push 8 Billion in the very near future.
To get 1 Billion on the internet, you need to reach a little better than 12% of the world population.Don't know what's the actual % of people on the planet with Inet access (does anyone? CAN anyone?), but I'd bet it's between 35%-65%. Remember, cell phone access (including data) in much of what has been known as the "Third World" is increasing at an insane rate.
My original statement stands, billions on the internet means a lovely pool of potential sheep.
Hopefully discussions like the one happening here are a sign that the average IIQ (internet IQ) out there is going up and the sheep are getting wiser.
I like to think things are improving, but I do what I can to raise the IIQ wherever I can (hint - have this conversation with your kids, parents, grandparents, students etc. don't be a sheep!)
