Reconciling assholes for nearly a decade.

Spam Filter?

I'm still looking for Wayne's most recent changes to fight spam.  I have Bad Behavior working, but I'm still getting several spams a day. 

If anyone has his changes (or Wayne, if you are around), please email them to Ted_Graham@yahoo.com

What if any post that has more than 2 links requires filling in a captcha after pressing submit?  Seems it would eliminate most spam, while rarely bothering legitimate users.  If I knew Php, I'd be happy to submit this change, but I'm a .NET guy.
Permalink Send private email Ted Graham 
April 23rd, 2007 10:37am
If you know NET but can't figure out PHP, then you're just lazy.
Permalink Send private email muppet 
April 23rd, 2007 10:38am
"but I'm still getting several spams a day."

Wow, really, even with Bad Behavior installed?  I currently working on integrating BB into FruitShow with the hopes that it would do a better job than what I've already got in there (as simple as it is).

I don't think we get several spams a day.
Permalink Send private email Wayne 
April 23rd, 2007 10:49am
I delete 2 or 3 a day, on average, IIRC.
Permalink Send private email muppet 
April 23rd, 2007 10:51am
Hmm..  I guess so.  Things move pretty fast around here.
Permalink Send private email Wayne 
April 23rd, 2007 11:09am
Tim built an Askimet spam filter for FruitShow but I haven't put it into effect yet.  If I make a few deeper changes to FruitShow his code would work better.
Permalink Send private email Wayne 
April 23rd, 2007 11:11am
Bad Behavior doesn't work that well without real integration - it needs access to a database for some sort of historical record keeping/tracking, otherwise it just does a few simple checks.

I've thought about this a bit & I think the best solution is to implement a CAPTCHA Cookie. Solve a CAPTCHA & get a cookie. That cookie works as long as your posts don't get deleted. If one of your posts is deleted, you have to solve the CATPCHA again.

My forum uses a plain text CAPTCHA (I found that the other options were too incomprehensible, requiring multiple submissions) and I haven't gotten any spam with this method. In your case, a MATCHA could work just as well & may be easier to implement.
Permalink Send private email ~~~x 
April 23rd, 2007 3:55pm
"Bad Behavior doesn't work that well without real integration"

That's what I figured, which is why I'm working on real integration.

"Solve a CAPTCHA & get a cookie."

Sounds like a good plan. 

"My forum uses a plain text CAPTCHA"

Math question or something?
Permalink Send private email Wayne 
April 23rd, 2007 4:06pm
Random letters. There's a few other things going on too, not just the CAPTCHA, but I think that's the most important part. It's really just a form field & some text that says "copy this text into the field to prove you're not a bot."
Permalink Send private email ~~~x 
April 23rd, 2007 4:47pm
I like this one:
"Let the browser sign the message using JavaScript"

Seems like a simple thing to implement and would let most people avoid the CAPTCHA altogether.
Permalink Send private email Wayne 
April 23rd, 2007 5:00pm
Yeah, that's a nifty one. Still something that could be automated around (I'm pretty sure most spam bots have javascript capabilities), but as long as the effort != the reward, it's good enough.

You could write one variable on the thread or homepage & then another on the post page. This way anyone bypassing the homepage or post page could never post.

Something like.

Homepage = Variable A
Thread = Variable B

New Thread = Variable A1
Reply = Variable B1

Before you submit you need A+A1 or B+B1.
Permalink Send private email ~~~x 
April 23rd, 2007 5:26pm

This topic is archived. No further replies will be accepted.

Other topics: April, 2007 Other topics: April, 2007 Recent topics Recent topics