Slashdot Mirror

← Back to Stories (view on slashdot.org)

Smart Spam Filtering For Forums and Blogs?

Posted by timothy on from the world-will-beat-a-path-to-your-door dept.

phorm writes "While filtering for spam on email and other related mediums seems to be fairly productive, there is a growing issue with spam on forums, message-boards, blogs, and other such sites. In many cases, sites use prevention methods such as captchas or question-answer values to try and restrict input to human-only visitors. However, even with such safeguards — and especially with most forms of captcha being cracked fairly often these days — it seems that spammers are becoming an increasing nuisance in this regard. While searching for plugins or extensions to spamassassin etc I have had little luck finding anything not tied into the email framework. Google searches for PHP-based spam filtering tends to come up with mostly commercial and/or more email-related filters. Does anyone know of a good system for filtering spam in general messages? Preferably such a system would be FOSS, and something with a daemon component (accessible by port or socket) to offer quick response-times."

9 of 183 comments (clear)

  1. D.I.Y. by Zsub · · Score: 2, Insightful

    Or am I misunderstanding what FOSS really is about?

    1. Re:D.I.Y. by Trahloc · · Score: 2, Insightful

      Not everyone is a programmer, some of us assist in less direct ways.

      --
      The Goal: A long simple life filled with many complex toys.
  2. Re:4 Tests Stopped 30,000 Comments For Me by WebmasterNeal · · Score: 2, Insightful

    Oh I also forgot, if you have a static URL that your form posts to, it is a good idea to rename that page every now and then, especially if it is getting a tremendous amount of spam. Also you can do a check to see if the referring URL is on your own domain as a lot of spammers are posting from a copied version of your form.

    --
    "During My Service In The United States Congress, I Took The Initiative In Creating The Internet." -Al Gore
  3. Re:gmail by siyavash · · Score: 5, Insightful

    "Do not allow registrations with gmail.com email addresses"

    That is one of the most stupid things I heard this year.

  4. Bad Idea by erlehmann · · Score: 4, Insightful

    As someone who once used text browsers, I can only advise everyone not to do this - it breaks accessibility at a fundamental level: I got banned from a forum once because they mislabeled fields.

    What however, works really great for comment spam is a simple question like "What is the name of Barack Obama ?".

  5. Re:the solution is here .. by AnyoneEB · · Score: 3, Insightful

    This is not exactly a new proposal, and it has been shot down on Slashdot before. One major problem is that a lot of spam is through botnets and the spammers would not get charged the e-mail fees, people with zombied computers would. I suppose this would make people with zombied computers notice, but why would they agree to sign up for such a service in the first place? Also, tying e-mail to payment means that the payment is probably traceable to a real person, which a lot of people do not want.

    --
    Centralization breaks the internet.
  6. Re:Fast way is to slow it down by Todd+Knarr · · Score: 2, Insightful

    Internet marketing brought us forum spam in the first place, I'm afraid.

    For most forums it's not about getting the most users at any cost. It's about getting the most interested visitors without scaring an unacceptable fraction away, while at the same time keeping the number of spammers at a manageable level (which, given their proclivities, is pretty close to zero). And the simple fact is that, if it can be automated, spammers can and will automate it. And as long as it costs them little or no time or effort, they'll continue to flood the forum. Getting around filters can be automated.

    I'm reminded of an exchange:
    Merchant: I need some way to keep people from stealing my merchandise all the time!
    Consultant: <looks over the racks of high-value jewelry sitting outside the store> Well, why don't you move your merchandise inside, instead of leaving it out along the sidewalk?
    Merchant: I can't do that! People couldn't see my merchandise, and I might lose customers!
    Consultant: ... so why exactly did you hire me again?

  7. Re:Better than Askimet? by darkpixel2k · · Score: 4, Insightful

    read my sig

    That'll work, right up until the spam bots are told to ignore spampoison.com, or the person who is running the spam bots decides to put spampoison.com into his hosts file and point it to 127.0.0.1.

    Lame solution.

    --
    There's no place like ::1 (I've completed my transition to IPv6)
  8. Re:Better than Askimet? by mysidia · · Score: 3, Insightful

    The problem with that concept is spammers just have to "blacklist" spampoison.com. Or implement "spam filters" of their own to detect such site

    What would really be ideal would be thousands of poison domains, with high variability so smart spammers can't easily protect themselves and sanitize their lists, when they figure out what's going on...