Preventing SPAM

The Annex CNN channel
User avatar
Electroguard
Posts: 835
Joined: Mon Feb 08, 2021 6:22 pm
Has thanked: 267 times
Been thanked: 317 times

Preventing SPAM

Post by Electroguard »

Some comments from the Ventoy forum to think about...
Spam rate is increasing -- and with it the SEO benefits spammers collect by this evil -- and the problem is bound to get worse if nothing is done, until forums collapse under their weight.
I saw it happening many times in other places; this reflects badly on Ventoy as users come to the forums to find specific help.
An easy measure that has worked well elsewhere, is preventing automatic first posts -- i.e., after registration, all users first post has to be approved by the team before it goes public.
Also, users posting spam should be immediately banned.
Other anti-spam measures can be adopted, scores of examples around the web. (E.g., see https://stopforumspam.com/)
They can be very sneaky, and will come back days or weeks later and edit the post to insert the spam. So we have also limited the edit window, until the user becomes more well known (reputation, other criteria).
User avatar
PANNO
Posts: 114
Joined: Thu Feb 25, 2021 4:03 am
Has thanked: 119 times
Been thanked: 25 times

Re: Preventing SPAM

Post by PANNO »

Maybe you dislike the idea to prevent Spam ,but i think its usefull : switching user "free" after donating some bucks. the other are readonly.
The Forum will become spamfree , not bot or spammer will or can pay some bucks.But the serious users become a better Forum.
To be a PhPBB forum Admin is not fun so dont be shy.
Mfg
User avatar
Electroguard
Posts: 835
Joined: Mon Feb 08, 2021 6:22 pm
Has thanked: 267 times
Been thanked: 317 times

Re: Preventing SPAM

Post by Electroguard »

Just a bit of a 'heads up' guys...
There have been some phishing posts with links to catch the unwary - they have been deleted, but more can be expected.
So basically don't click links in posts from unknown contributors, especially if the post does not include code or pictures, and particularly if the post is not translated, and absolutely definitely if it appears to be russian... so only click on links you are confident about.

Posts from russian Annex users are very welcome, but they should distance themselves from any suspicious non-translated SPAM and Malware phishing by taking the effort to provide an english translation of the content, and especially to offer clear explanation for any included links.
User avatar
Electroguard
Posts: 835
Joined: Mon Feb 08, 2021 6:22 pm
Has thanked: 267 times
Been thanked: 317 times

Re: Preventing SPAM

Post by Electroguard »

It seems there are 2 phpBB extensions which could protect the forum from spammers.

Authorized for URLs will "disallow posts with urls in them if the permission to allow urls isn't set".
If that option is set to yes, the author of the post will not be able to make that post without removing the url.
If it's set to no, then the post with url will be placed into the moderation queue.
https://www.phpbb.com/customise/db/exte ... or_urls_2/

So this could be used for a probationary new user group to allow them to post, but not with any urls.

Auto Groups can "automate the process of adding and removing users from groups upon reaching specified milestones based on the user's activity"... such as the specified number of posts above.
https://www.phpbb.com/customise/db/exte ... to_groups/

... set the registered users group to not be able to post links (permission set to "no"). Then using the autogroup extension, once they have created 10 posts (or the number you choose to set) they get elevated to the full group which has 'post url links set to "yes"'.
https://www.phpbb.com/customise/db/exte ... pic/175411


Together, they could allow probationary users who have created the designated number of posts without urls to be automatically promoted up to the full access group which can post urls.

Some spammers will still bulldoze through by firing off dozens of replies in quick succession to surpass the designated milestone, but with autogroup management that can probably be similarly addressed.
User avatar
Electroguard
Posts: 835
Joined: Mon Feb 08, 2021 6:22 pm
Has thanked: 267 times
Been thanked: 317 times

Re: Preventing SPAM

Post by Electroguard »

Recent spam posts are also including image files along with the spam url links (see pic below).
The aim of hackers is to trick the unwary into installing their malware, so any pictures that are included are for their entertainment, not the victims.
Unfortunately, the 'views' count shows that some people are are actually clicking the image file to view it... exactly as the hacker intended.
But for those who may not know, hackers can hide malicious code inside the pixels of an image, which is executed by (for example) an HTML 5 Canvas element which allows for dynamic scriptable rendering of images.
So the golden rule is to not click on anything unless you know what to expect.

malware.jpg
You do not have the required permissions to view the files attached to this post.
AndyGadget
Posts: 222
Joined: Mon Feb 15, 2021 1:44 pm
Has thanked: 119 times
Been thanked: 132 times

Re: Preventing SPAM

Post by AndyGadget »

I flagged this with a PM to the administrator account an hour or so ago.
Does anyone apart from Cicciocb have the power to delete posts?
If the 'delete' option can be extended to others I'm willing to be a spam killer.
User avatar
Electroguard
Posts: 835
Joined: Mon Feb 08, 2021 6:22 pm
Has thanked: 267 times
Been thanked: 317 times

Re: Preventing SPAM

Post by Electroguard »

Yes Andy, but a problem is that not everyone may agree on what is spam and what is not, so if a deleted spam is subsequently re-instated, the deleter might understandably leave future judgements to the appeal judge.
The current situation is evidently not working very well though, so hopefully something can be done to improve the situation.
User avatar
cicciocb
Site Admin
Posts: 1889
Joined: Mon Feb 03, 2020 1:15 pm
Location: Toulouse
Has thanked: 405 times
Been thanked: 1260 times
Contact:

Re: Preventing SPAM

Post by cicciocb »

HI all,
I changed a little bit the logic for the registration, now the user must be approved by the administrators before.

I included also a mandatory question that must be correctly answered to continue in the registration process.

This should inhibit the spams but, obviously, will inhibit people to post their questions just after the registration ...

Wait and see ....
User avatar
PeterN
Posts: 366
Joined: Mon Feb 08, 2021 7:56 pm
Location: Krefeld, Germany
Has thanked: 171 times
Been thanked: 203 times
Contact:

Re: Preventing SPAM

Post by PeterN »

Hi Francesco ,
Do you plan to grant full access after waiting a few hours, a day, or something similar?
User avatar
cicciocb
Site Admin
Posts: 1889
Joined: Mon Feb 03, 2020 1:15 pm
Location: Toulouse
Has thanked: 405 times
Been thanked: 1260 times
Contact:

Re: Preventing SPAM

Post by cicciocb »

No, It is just a question of validation, it must be authorised by the administrators.
I've already seen that simply implementing few elementary questions practically removed all the spammers.
Post Reply