We've recently been plagued by several incarnations of a "ccdeal" user, and it's been quite annoying. Not the first time we've had a spammer create new user IDs by just changing the number at the end, and it won't be the last.
Catchfire and I try to catch as much as possible, but overnight and early morning spam is the norm. Yes, even us superheroes of moderation must sleep, tend children, etc. We ban them when we see them. If we had the capability, we'd block by IP address.
Thank you all who flag spam. It makes the job of overseeing such a large discussion forum easier.
It was recently made more difficult to flag spam. They make you type a reason now?
I just write, "Spam is treif". Works every time.
You are using Drupal, aren't you? Surely you have the ability to block IP addresses. Also, I would assume that you could use wildcards (IE, ccdeal*) in the blocking of user names.
Don't bother, mark_alfred. Every time we talk to the techies, it costs money, and something else gets screwed up. Just be grateful for the deep discount bargains available from ccdeal000031415926535.
I've done my share of flagging spam, now I'll leave it to the rest of you.
We block user names, but our current config of Drupal doesn't let us block by IP.
Drupal is open-source software (IE, "free" as in both "free beer" and "liberty"), so it shouldn't be either difficult or expensive to change the current config. Drupal has support forums to assist with this.
I'm not sure whether blocking by IP is any more effective than by username. Perhaps. Regarding usernames, in Wordpress, which I use, the set up for either "Comment Moderation" or "Comment Blacklist" is as follows: It will match inside words, so “press” will match “WordPress”. Thus all instances of "ccdeal" would be blocked. I'm guessing it could be similar for Drupal. I did set up Drupal a while back, but I couldn't find an en-CA version (just en-US), so I switched to WordPress. Admittedly, Drupal is better for larger projects such as Rabble. It has more options.
Just out of curiousity, does anyone know if Drupal is less user-friendly for dialup than other platforms? I have an awful time with this forum sometimes.
mark_alfred, you almost certainly know more about this than me, but from what I've been told, banning IP addresses a) isn't successful against savvy spammers and b) risks banning an entire library/community centre or other multiple use site if the spammer is accessing a public ISP or that of an unknowing user.
As for the username wild card idea, ccdeal is actually unique in that s/he keeps using iterations of the same handle. Usually there is some other modulation by repeated spammers. And, of course, as soon as we do introduce wildcards, ccdeal will change to cddeal or some such. Not a good use of tech resources.
Flagging for spam (once) remains the best way to bring this to the mods' attention.
Back in the day when an international group of us were co-moderating FPS gaming servers, we were sometimes forced to use scorched earth practices against unpleasant intruders who wouldn't go away when asked nicely. At first we'd use the single IP banning function with IP Wallmaster, but for those whose ISPs used rotating IPs, we'd have to use 'WhoIs' to find the range and block the entire thing. I would guess such a measure is impractical here, but for our purposes it was 100% effective. Then we'd scope out the hacker forums and hear them complain about whatever we were using, and then see them asking if anyone had a workaround. No one ever came up with one.
Because someone had to.
http://www.youtube.com/watch?v=anwy2MPT5RE
Back in the day, banning by IP address was a lot more effective. However, it doesn't always work. I remeber banning one person's IP address and the entire babble pro Israel lobby fell silent.
Ya know if people ever got my screwed up mod permissions sorted out, I'd be happy to help.
Are you sure you just didn't ban yourself from using them?
Hi Catchfire. Yes, you're probably right. Seems that for problems with spam-bots the best solution is a human based solution. Robotic solutions to robotic problems just don't work in the end.
The "bots" are often human now. So CAPTCHA and e-mail validation probably wouldn't work - they can generate endless e-mails.
I don't think many are human. I think most are sophisticated programs like XRumer.
ETA:
Here's a tip from the article on XRumer:
I would bet that CCdeal is a human and not a spamming program.
Unionist, from what I read in the article, it can handle many forms of CAPTCHA with OCR. I'm sure CAPTCHAs still block a lot of crap though. The article says it can handle email validation as well, but I've not read of how it does this. You are right though that making people wait a day is likely too severe, in that it could frustrate new users.
I've read that people buy this program for about $500, primarily to get links across the internet to raise the profile of their snake-oil sites on search engines like google. So there's likely some human interaction at times too. But I think spamming is mostly an animated process from software like Xrumer.
As for human spammers, yes, certainly a lot of posters here (myself included at times) ignore the thread topic and instead post advertising-like links to whatever issue turns their crank. So creating any automatic moderation rules for Babble would be a challenge.
You might be right about that. I checked the list at stopforumspam.com and ccdeal is not on its list.
Ha! Or the more terrifying thought that all of us are, in point of fact, spam bots after all -- and ccdeal is the only human...
Heh. Philosophy major much, Catchfire? :D
Also - Mark, that's really interesting, thanks for your posts! Educational.
Slumberjack said
My ISP is one of those that uses rotating IP addresses -- every time I log on, my IP address is different. If I were the spammer, and babble blocked the IP addy I was spamming from, I could readily spam again by logging off and on, no? And if the whole range was singled out, innocent non-spammers in my area (I'm sure other babblers are from this area) would be unjustly excluded. Am I understanding this correctly?
When I had dial-up (which I still have access to for a backup in case Big Corporation service goes down), I had a single IP address that never changed.
Servers usually have static IP addresses, rather than anything random (though I think some of these spam bots rely on proxy servers.) So, I think banning IP addresses can help. Many of these come from overseas IPs, so I wouldn't worry about "library/community centres" in Canada. That's not where these spam-bots come from.
To digress for a second, I often wonder if programs like XRumer are used to generate all the right-winged nonsense that is seen in many paper columns. For instance, I wonder if the program could be set to target various media sites, with responses that are preset to be made whenever a topic occurs within these media sites' articles. IE, could it be set up that whenever the character string "Mulcair" is found by the program within an article in these media sites, could it generate numerous users making a variety of preset comments to establish a negative theme, regardless of what the article was actually about? I haven't much followed the comments section of newspapers lately, but did notice something that appeared to simply be spambots back when Layton was leader.
Yes, which is why I referred to our practice as scorched earth. In our case we had a website, forum and email contact to address appeals and mistakes.
1. How about CAPTCHA on initial registration? or 2. Do we require email validation? I can't remember. Can bots do that? This can't be that difficult.
Can Xrumer handle CAPTCHA or email validation? I'd much rather have to do one of those to register, than have to wait a day for my first brilliant post to go stale. As for human spammers, well, doesn't that describe all of us after a fashion?