CAN WE DO SOMETHING ABOUT ALL THIS SPAM?????

Conversations about this site go here.

Moderators: jhartley, MSR734, nola

CAN WE DO SOMETHING ABOUT ALL THIS SPAM?????

Post by markpaterson » Sat Oct 27, 2012 7:50 am

:x :x :x :x :x :x :x :x :x :x :x
markpaterson Offline


 
Posts: 9
Joined: Fri Oct 05, 2012 1:48 pm

Re: CAN WE DO SOMETHING ABOUT ALL THIS SPAM?????

Post by grahamperrin » Sat Oct 27, 2012 2:41 pm

I'm not familiar with phpBB but my guesses include: use an external authentication system.

(The current approach to authentication seems too easily abused.)

However, at https://www.phpbb.com/community/viewtop ... #p13182921

The authentication system currently does not easily support external authentication systems. It is being rewritten for 3.1 and (I believe) support for OpenID will be built in.
grahamperrin Offline

User avatar
 
Posts: 1596
Joined: Fri Sep 14, 2012 10:21 pm
Location: Brighton and Hove, United Kingdom

Re: CAN WE DO SOMETHING ABOUT ALL THIS SPAM?????

Post by /dev/null » Sun Oct 28, 2012 3:20 am

+1
/dev/null Offline


 
Posts: 16
Joined: Sat Sep 15, 2012 7:13 am

Re: CAN WE DO SOMETHING ABOUT ALL THIS SPAM?????

Post by grahamperrin » Sun Oct 28, 2012 6:05 am

For the current release of phpBB

phpBB • View topic - Preventing Spam in phpBB3 (2011-02-28, not open to discussion)

Broken visual CAPTCHA plugins with the stock install of phpBB include:

  • CAPTCHA Without GD
  • GD 3D CAPTCHA
  • reCAPTCHA
  • GD CAPTCHA

> … ineffective and should not be used. …

For future releases of phpBB

[RFC] Anti-spam features - Development Discussion Board (2010-07-24)

[RFC] Auth Plugin Refactoring & User Integration - Development Discussion Board (2012-04-24)
grahamperrin Offline

User avatar
 
Posts: 1596
Joined: Fri Sep 14, 2012 10:21 pm
Location: Brighton and Hove, United Kingdom

ConSof Alternate Login module for phpBB

Post by grahamperrin » Sun Oct 28, 2012 6:43 am

use an external authentication system


ConSof Alternate Login module for phpBB – beta

phpBB • View topic - [RC]AlternateLogin(Windows Live,Facebook,Twitter,OpenID) (2009-12-03, 1,479 posts across ninety-nine pages)

Seeking the word spam within that topic finds the suggestion (2012-10-01) that the module should help to avoid spam, provided Quick Accounts are not used.
grahamperrin Offline

User avatar
 
Posts: 1596
Joined: Fri Sep 14, 2012 10:21 pm
Location: Brighton and Hove, United Kingdom

Re: CAN WE DO SOMETHING ABOUT ALL THIS SPAM?????

Post by dbrady » Sun Oct 28, 2012 1:39 pm

+1
I'd rather read real posts than waste time moderating the spam!
dbrady Offline


 
Posts: 67
Joined: Wed Sep 12, 2012 12:43 am

Re: CAN WE DO SOMETHING ABOUT ALL THIS SPAM?????

Post by grahamperrin » Wed Oct 31, 2012 4:43 pm

grahamperrin wrote:… guesses include: use an external authentication system. … 


I wondered whether a shift to OpenID (instead of e-mail based registration and authentication) could reduce the risk of spam … maybe not so. A 2006 post [OpenID] Localhost OpenID observed:

> … OpenID is already wide open for spam. There's nothing
> about the scheme now that in any way what-so-ever protects against
> spam. In fact, as I recall, OpenID began to be used as spam only a few
> short weeks after it was released.
grahamperrin Offline

User avatar
 
Posts: 1596
Joined: Fri Sep 14, 2012 10:21 pm
Location: Brighton and Hove, United Kingdom

thanks

Post by grahamperrin » Mon Nov 05, 2012 1:37 am

To whoever moderated the recent batch: big thanks.
grahamperrin Offline

User avatar
 
Posts: 1596
Joined: Fri Sep 14, 2012 10:21 pm
Location: Brighton and Hove, United Kingdom

Re: CAN WE DO SOMETHING ABOUT ALL THIS SPAM?????

Post by chriswayg » Sun Nov 11, 2012 5:52 am

+1
Thanks to those who are deleting the spam. Still on some days its getting so bad that I dislike using the forum, because half of all new posts seem to be spam.

Some suggestions for improving the situation can be found here:
https://www.phpbb.com/community/viewtop ... &t=2122696
https://www.phpbb.com/customise/db/mod/ ... /faq/f_548

I like the following for its simplicity:
Q&A CAPTCHA
At this time, the Q&A CAPTCHA plugin seems to be the most effective single solution against spambots (and some human spammers). For this technique to be effective, you must use simple but non-obvious question and answer combinations.
...
To enable the Q&A CAPTCHA, browse to Spambot countermeasures on the General tab of the ACP, then select "Q&A" under "Installed Plugins". Select "Configure", setup your question and answer pairs, then submit the forum. Notice you may need separate Q&As for each language you use.
It should be possible to implement this within a few minutes...
chriswayg Offline


 
Posts: 19
Joined: Sun Nov 04, 2012 8:27 am

possible question for a human (not a bot) to answer

Post by grahamperrin » Sun Nov 11, 2012 6:56 am

If a human-oriented answer to a question is the way to go, then maybe require an answer that must be discovered:

  • from a different domain
  • maybe from the GreenBytes, Inc. page for this product.
grahamperrin Offline

User avatar
 
Posts: 1596
Joined: Fri Sep 14, 2012 10:21 pm
Location: Brighton and Hove, United Kingdom

Next

Return to Meta (About this forum)

Who is online

Users browsing this forum: ilovezfs and 0 guests

cron