[geeklog-devtalk] Spam warnings?

[Dirk Haun]

Rick,


>It really comes down to whether or not you allow anonymous posters.


At least for geeklog.net, I think it's important that people can ask
questions in the forums without registering. Why register with a site
when you're not sure if you're ever going to use the software or not?



>I've mentioned before using obscure-codes - whether for account signup, or

>for anon posters - visitor has to enter in the 4 or 6 sequence code that is

>presented as a garbled image.


I have to admit that CAPTCHAs look more and more like the only feasible
way to prevent spam. But I still think they're a PITA. Maybe if they were
only used for anonymous posters ...



>So why not let the comment poster confirm his/her own posts?  Like this -

>anonymous poster must also supply their email address, poster adds comment,

>geeklog generates confirm email to that address, poster must click

>confirmation link in their email before comment shows up.


I would assume even that could be automated easily: Set up a server, post
with throw-away account for the domain, parse email, auto-approve self.

We're talking about guys that burn through 1-2 domains per day (today's
domains are bnetsol DOT com and registrarprice DOT com, btw - they used
the last 2 for less than 24 hours). They have the money, they have the
resources. They're obviously already running bots that specifically
target the forum plugin.

Automated solutions can help reduce the spam, but with these guys, every
method will be circumvented sooner or later. In other words: I'm afraid
there will always be a certain amount of human interaction necessary to
stop (this sort of) spam.

bye, Dirk


-- 
http://www.haun-online.de/
http://geeklog.info/