Spam protection (General)
What do you think about services like Akismet?
What do you think about services like Akismet?
by bttr, Tuesday, June 13, 2006, 08:15 (6499 days ago) @ Alex
What do you think about services like
Akismet?
(1) Why not use Phil's proposal: Bad Behavior/Bad Behaviour?
(2) We still need spam protection for the current versions! Yes, I can protect my own 'mlf' installation, but I have received a lot of spam mails sent out via your forum in the last days.
by Alex , Tuesday, June 13, 2006, 16:47 (6498 days ago) @ bttr
(1) Why not use Phil's proposal:
Bad Behavior/Bad Behaviour?
Looks very good! I'll test it. After the first quick look at it I wonder whether the script contacts a server where the filter rules are stored centrally (like Akismet does) or does the filter come with the script (and thus has to be updated from time to time)? (So far I only found a "whitelist".)
(2) We still need spam protection for the current versions!
Yes, absolutely! When I find a good spam protection I will also intgrate it in the current version (and also for the contact form).
Alex
by Alex , Tuesday, June 13, 2006, 17:25 (6498 days ago) @ Alex
[...] or does the filter come with the script [...]
OK I found the list with the user agents. But wouldn't it be easy for a spambot to put a random string as user agent?
Alex
by wolf, Thursday, June 15, 2006, 19:26 (6496 days ago) @ Alex
What do you think about services like
Akismet?
Why not ...
From my point of view, the integration of CAPTCHA will at least help to avoid automatic entries. I started to integrate "eBiene CaptchaImage Maker" (http://lab.ebiene.de/?module_name=scripts) but not everything fits together currently ...
What's your opinion regarding CAPTCHA integration?
Regards/Grüße
Stefan
by bttr, Friday, June 16, 2006, 12:08 (6495 days ago) @ wolf
What's your opinion regarding CAPTCHA integration?
I already made a well-working CAPTCHA patch to mlf month ago, but Alex showed no interest!
by Alex , Friday, June 16, 2006, 15:28 (6495 days ago) @ bttr
I already made a well-working CAPTCHA patch to mlf month ago, but Alex
showed no interest!
Yes, I did! But in my opinion CAPTCHA is no good solution as it affects the usability. Therefore I'd like to implement a spam protection of which the (human) users don't take notice of. I think a central and up to date filter system like Akismet is a good approach. But at the moment I'm also testing Bad Behavior and I'd appreciate any other good idea.
Alex
by james, Friday, June 16, 2006, 16:54 (6495 days ago) @ Alex
Alex - I love mlf and I appreciate your work tremendously, but I respectfully disagree. CAPTCHA is a absolute necessity in today's world. I have implemented it for all submitted forms on my websites because of the tremendous rise in attacks in the last 8 months. Couldn't you at least consider making it an option for mlf?
Thanks,
James
by wolf, Saturday, June 17, 2006, 18:00 (6494 days ago) @ james
James, I fully agree to your statements and request to Alex.
The litle change of the usability in comparism with the improvement for the webmaster is more than justifiable (even if some users not using a GUI are more or less excluded).
Stefan
by Dan, Saturday, July 22, 2006, 02:57 (6460 days ago) @ wolf
I also agree. This should be an option. CAPTCHA solves a lot of issues and is not a heavy burden on the user.
by tauno , Tuesday, August 01, 2006, 16:08 (6449 days ago) @ Alex
How about CAPTCHA only for non-registered users?
by wolf, Sunday, June 18, 2006, 11:13 (6493 days ago) @ bttr
I already made a well-working CAPTCHA patch to mlf month ago, ...
Hi "bttr" (Robert),
as my personal CAPTCHA patch is still not working with "100% performance", is your CAPTCHA patch somewhere available fit for use?
by bttr, Monday, June 19, 2006, 08:59 (6493 days ago) @ wolf
as my personal CAPTCHA patch is still not working with "100% performance",
is your CAPTCHA patch somewhere available fit for use?
Yes, it is. Simple submit a request via http://www.bttr-software.de/contact/
by Felix Riesterer , Germany, Monday, July 03, 2006, 14:37 (6478 days ago) @ Alex
Hi Alex!
I use your "my little forum" script on our school's website and I like it!
About SPAM... I'm using a certain mechanism in my own guestbook script which always forces you to a first preview before it would accept any entries. I've only implemented a static hidden field which is only sent together with the preview page so no automated script (aka "bot" ) can "know" it needs to be posted, too, before the sent data will be accepted.
This mechanism can be refined by using a session ID to check and change the input's name attribute so no bot can re-use a posted form to spam a guestbook/forum/form mailer etc. because it "knows" about this hidden input field (and the name in it)...
What do you think about this mechanism? Could it help solve your problem?
Greetings from Ellwangen (Jagst) in Germany,
Felix Riesterer
by Aaron , Tuesday, July 11, 2006, 17:16 (6470 days ago) @ Felix Riesterer
I must say, I run a blog that uses Akismet, and it has caught 100% of the spam posts without necessitating CAPTCHA.
by Felix Riesterer , Germany, Wednesday, July 12, 2006, 04:44 (6470 days ago) @ Aaron
I must say, I run a blog that uses Akismet, and it has caught 100% of the
spam posts without necessitating CAPTCHA.
I'm sorry, but you seem not to have gotten my point... I wasn't referringt to any CAPTCHA mechanism and I also wasn't suggesting my solution would depend on any third-party services.
Greetings from Germany,
Felix Riesterer.
by phil, Sunday, August 20, 2006, 18:12 (6430 days ago) @ Felix Riesterer
guestbook script[/link] which always forces you to a first preview before
it would accept any entries. I've only implemented a static hidden field
which is only sent together with the preview page so no automated script
(aka "bot" ) can "know" it needs to be posted, too, before the sent data
I do like this idea. To parse it out a little, here is how I understand it:
1. Comment form is filled out and submitted to the processing script.
2. If processing script does NOT find a "preview" flag
a) A random preview flag is created
b) flag is assigned to a session variable
c) the preveiw page is shown with submitted information and a hidden field that contains the preview flag.
3. If the processing script DOES find a preview flag.
a) If posted flag matches session variable, form is submitted and thank you page shown
b) If posted flag does NOT match the session variable, form is not submitted and the spammer routine is triggered
Phil
by phil, Saturday, August 19, 2006, 17:45 (6431 days ago) @ Alex
What do you think about services like
Akismet?
What I see is that spammers are always getting smarter, more aggressive, and more numerous. Captcha will not block everything because when spam stops posting, they visit your site to find out why, and then post a few test messages -- including questions to bait you into responding directly by email. Akismet and Bad Behavior cannot block these people either.
On public forums it takes a combined approach: Captcha, Bad Behavior / Akismet, ip blocking, flood prevention, keyword blocking, and member moderators.
That's a lot of work just to stop vandalism. For scripts like the comment script, guestbook, and weblog, I believe the answer is easy: all messages should be subject to approval. On the Forum, the closest equivalent would be to make the forum members-only. I wouldn't be surprised if most forums go in that direction.
Phil
by needhelp338, Sunday, April 22, 2007, 02:34 (6186 days ago) @ Alex
I agree with what some of the posters said about CAPTCHA. CAPTCHA has been great for my forum. Not only does it deter spam, it also allows people to post without having to register which I think is a great plus.
Please consider allowing CAPTCHA as an option.
Thanks
by Micha , Sunday, April 29, 2007, 15:00 (6178 days ago) @ Alex
--
applied-geodesy.org - OpenSource Least-Squares Adjustment Software for Geodetic Sciences