Spam protection possibilities
Bug #1250641 reported by
Aaron Wells
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Mahara |
Opinion
|
High
|
Unassigned |
Bug Description
Mahara gets a steady annoying flow of forum spam. On a typical day it's 5 to 10 messages. This isn't a whole lot, but since the number of messages on mahara.org's forums is fairly low, this makes up about 40% of the messages each day.
I'm opening this bug to explore options to deal with this issue.
summary: |
- mahara.org forum spam + [ongoing] mahara.org forum spam |
To post a comment you must log in.
I've been told by Kristina that there have been previous attempts to curb the mahara.org forum spam, and the current approach of just manually deleting the messages was the best that could be done. I'll ask her for some more details about why the other approaches didn't work, so I can make sure I don't go down those same blind alleys.
The spam tends to be 1-3 messages posted from a newly registered account. Our account registration system does use Mahara's anti-spam functions, but these only block the simplest of automated attacks and could be circumvented by a slightly more targeted script. Previous investigations into the spamming apparently indicate that the spam is being posted by human beings, though.
Currently we just delete the spam messages and suspend the user accounts as they are found. However, this has the downside that by the time we notice the message, the email about it has already gone out to all forum subscribers.