CSA
10-11-2008, 07:01 AM
1. Use your ban lists.
Most forum engines have ban lists for Admins. You can usually ban by IP, email,and names. The second and VITAL part of this is using "wildcards". Most forum engines will allow you to use an asterisk (*) as a wild card. So if you wanted to block everyone with a Russian email address you would enter "*@*.ru" into your "Banned email addresses" of your admin control panel. You can also use a "wildcard" to block users using a specific domain. For example I was having an issue with some guy who was signing up with names from xsecurity.org, so I did a whois on the domain, found nothing legit so I blocked the whole domain by adding "*@xsecurity.org" to my ban list.
sample ban list wrote:
*@*.ru
*@*.cn
*@*.ws
*@*.pl
*@*.in
*@gmx.com
*@ebaysweep.com
*@xsecurity.org
*@inmail24.com
2. Use visual and email verification.
Make them prove they are a real breathing person. Use some kind of graphic that makes the person translate to text. Then make them confirm their email address. It creates a situation that bots can not pass.
3. Take an active roll in managing your forums.
I have seen forums out there where the mods and the admins are not very active, and they get over run easily. Unless you take an active roll in monitoring the names of those who are signing up then you are doomed to fail. It should be fairly obvious that an email address like "skdjlusy@gmail.com" will be a spammer. Copy and paste the IP to your ban list and delete the account.
4. Have Moderators.
Depending on how busy your forums are will greatly influence the number of Mods you will have. But they are vital. It is important to choose people that will take the responsibility seriously and not abuse their powers. A members integrity is important. I usually give them the ability to delete posts/topics and suspend members. If you were concerned about the posts being deleted then you could give them the ability to move the posts to a subforum that was only visible to Admins and Mods. Removing them from the public and thus thwarting the spammers. Then the Admin could delete these posts at his/her leisure.
5. The Final Solution. Only viable for a closed community.
There is one last option which could be flexed if you were a closed community that was not accepting any new members, or at least not letting them self sign up. Lock new membership. Most forum engines have this option. In fact, I have never seen one that does not. This is a potential option for gaming communities. Even if you do wish to add a new member an Admin always has the ability to manually create a new account. He would just create an account using the members desired name , email address, and a generic password (something like 12345) that the member would then be able to change once they logged into the forums.
I hope this is help for some of you, hopefully one day we will be able to get back at these spammers in a meaningful way. If you have any questions please post a reply.
Most forum engines have ban lists for Admins. You can usually ban by IP, email,and names. The second and VITAL part of this is using "wildcards". Most forum engines will allow you to use an asterisk (*) as a wild card. So if you wanted to block everyone with a Russian email address you would enter "*@*.ru" into your "Banned email addresses" of your admin control panel. You can also use a "wildcard" to block users using a specific domain. For example I was having an issue with some guy who was signing up with names from xsecurity.org, so I did a whois on the domain, found nothing legit so I blocked the whole domain by adding "*@xsecurity.org" to my ban list.
sample ban list wrote:
*@*.ru
*@*.cn
*@*.ws
*@*.pl
*@*.in
*@gmx.com
*@ebaysweep.com
*@xsecurity.org
*@inmail24.com
2. Use visual and email verification.
Make them prove they are a real breathing person. Use some kind of graphic that makes the person translate to text. Then make them confirm their email address. It creates a situation that bots can not pass.
3. Take an active roll in managing your forums.
I have seen forums out there where the mods and the admins are not very active, and they get over run easily. Unless you take an active roll in monitoring the names of those who are signing up then you are doomed to fail. It should be fairly obvious that an email address like "skdjlusy@gmail.com" will be a spammer. Copy and paste the IP to your ban list and delete the account.
4. Have Moderators.
Depending on how busy your forums are will greatly influence the number of Mods you will have. But they are vital. It is important to choose people that will take the responsibility seriously and not abuse their powers. A members integrity is important. I usually give them the ability to delete posts/topics and suspend members. If you were concerned about the posts being deleted then you could give them the ability to move the posts to a subforum that was only visible to Admins and Mods. Removing them from the public and thus thwarting the spammers. Then the Admin could delete these posts at his/her leisure.
5. The Final Solution. Only viable for a closed community.
There is one last option which could be flexed if you were a closed community that was not accepting any new members, or at least not letting them self sign up. Lock new membership. Most forum engines have this option. In fact, I have never seen one that does not. This is a potential option for gaming communities. Even if you do wish to add a new member an Admin always has the ability to manually create a new account. He would just create an account using the members desired name , email address, and a generic password (something like 12345) that the member would then be able to change once they logged into the forums.
I hope this is help for some of you, hopefully one day we will be able to get back at these spammers in a meaningful way. If you have any questions please post a reply.