Comment 77 for bug 1614403

I saw that new topics were made after a minute or so. Or do i misunderstand 'flood limit'?

For me there is another problem: This spambots never log out. So setting them to inactive will not stop them because the current session is ever valid. The only thing one can do is to delete the user and thus his posts get lost for further examination. We had discussed the 'session' issue earlier, and i think a third person can't easily log a user out or removes his session. See https://stackoverflow.com/questions/953879/how-to-force-user-logout-in-django#954318

What about counting hidden posts per user? Say if user x writes 10 posts which get hidden we can be sure it's not a human. If he writes the 11th post he get logged out. I he logs in again and writes the 12th post he get logged out, set his 'is_active' flag to false (so he can't log in again) and show him a http 505 or http 403. Doing something like that we can at least examine the hidden posts.