Super Soaker Central

We just had a PM spammer who managed to get out 241 PMs before I noticed. He's been banned and I deleted every PM he sent. Apologies to those who were spammed.

In the future, please let me know if you receive a spam PM. These can be hard to detect as PM spammers intentionally avoid messaging administrators.

Another PM spammer sent off 390 PMs before I stopped him. I deleted them all and banned the user in question.

I'll be looking into ways to avoid this problem. I've already doubled the minimum time between sending PMs to 120 seconds and set email verification to be required for registration.

Banning use of anonymous proxies is another thing we could do as these spammers use anonymous proxies. Not allowing PMs to be sent until a user has 1 post makes sense too. Neither of these can be done without modifying the board, though. There also are some modifications that automatically add new entries to our ban lists, but as far as I know I'd need to upgrade vBulletin to use them.

You guys have any other ideas?

IP ban maybe?

IP bans don't work on users behind proxies. However, they should work on proxies themselves but there should be a better method to block them due to how many there are. (some proxies are constantly being created to, for example, get around unreasonable internet filtering at schools or work)

If I remember correctly, SSC used to not require birthday entry, but now it seems that it does. (correct me if I'm wrong) Blocking proxies would be an additional privacy barrier for users to deal with and in this day and age, you can't blame anyone for wanting to preserve privacy/security. That said, I think very few, if any users go around here via proxy for privacy. Proxies seem to be most commonly used on forums to circumvent IP bans.

I don't know how banning proxies would work, but I'm sure you have a way to do it.

The PM time delay shouldn't be increased too far. 2 minutes is already quite a bit and can deter those who simply wish to send another message to correct/clarify something. However, it may be the only way if the BB software doesn't have any features to detect when the user, say, sends 10 PM's in an hour. (I'm assuming it doesn't otherwise you would have implemented it already)

For email, there's not much that can be done. Non-ISP/domain name provided webmail is the most commonly used system so banning gmail/yahoo/hotmail is not a good option. If I remember correctly, you were already aware of this issue.

That's about all I know of that I could suggest for now.

You could have a set post barrier for new members, so that no one can send a private message until we recognize them as an actual member of the SSC community. 10-15 posts should be adequate.
-Zeda

zeda.beta wrote:You could have a set post barrier for new members, so that no one can send a private message until we recognize them as an actual member of the SSC community. 10-15 posts should be adequate.
-Zeda

Ben did say he has it set that you can't send a PM until you have 1 post, but I agree it could be set a little higher than 1 because the spammer may notice that and leave a post with no relevance to a topic just so that they can send the PMs. (unless however it is a spam bot)

That is why we have to check the new members, and make sure they are posting with relevance to the topics, or at least trying to. @Specter: But I didn't see that, at least one post is going to stop the spambots.
-Zeda