-
Notifications
You must be signed in to change notification settings - Fork 0
Spam prevention #169
Comments
What about passing all questions from users with < |
Oh yeah, that's a good idea. |
Another thing could be adding a token to a hidden form element via JS so spambots would need JS to have the form successfully submit. |
Good thinking. So that just leaves advanced spambots and human spammers (if the queue doesn't prove to be practical)... |
Additionally, I propose that a "safelink bank" is defined and new users (< Gibberish and flat spam, on the other hand, simply needs care. |
What about requiring email verification before being able to ask a question? (Note: if we do this, the email thingy also needs to be fixed, as I never got a verification email) |
|
Hmm... how were those spammers able to post stuff with 0 rep then? Because email verification gives you 50 rep, didn't it? |
No, I manually give out 50 rep to people I trust only because DevDoodle is in its early stages and reputation doesn't work naturally yet. You don't need rep to ask a question. What email verification does is allow you to log in. |
Ah, I see. |
... or we could just run Smokey, Pham and Chris's bot. |
:D |
Man, CCTV style monitoring is so 1900. And the spammers will always find a way. Not saying that it's important or that my concern is more than an arbitrary, pointless rant that gives you no information or room to constructively improve, but they will always find a way. ALWAYS. |
But, but... who doesn't like a good old-fashioned cyber stakeout? |
What about disallowing mailinator.com email addresses? According to the JSON you posted in the Tavern, one of the spammers used that. I've looked it up and apparently it is a website where you can simply access an inbox without having to create an email address. I cannot think of any situation where a real user would want to use that, so we can probably disallow it. If spammers have to create an actual email address, it will at least slow them down, or they might simply don't. |
It may be worth our while to look for - and block - other such services too. |
It really isn't that hard to buy a $0.99 per year .xyz domain and then set up all MX records to redirect to a real inbox for a spammer to sign up with |
Here's a nice list of temp-mail services: |
I'm closing this now since I don't think it's really an issue. It can be reopened when spam poses a bigger threat. |
So far what I can think of is:
Obviously #124 is a big step toward protection too.
What other tricks are there? Which ones should be implemented?
The text was updated successfully, but these errors were encountered: