<html>
<head>
<meta content="text/html; charset=ISO-8859-1"
http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<font face="Times New Roman, Times, serif"><a class="moz-txt-link-freetext" href="https://drupal.org/project/spambot">https://drupal.org/project/spambot</a>
indicates Spambot's maintenance status as "Minimally maintained".
Honeypot and Botcha are under active development. I had
difficulty installing Botcha but Honeypot installed just fine, and
instantly cut the rate of bogus registrations from about 15/hr. to
about 3/day.<br>
</font>
<blockquote><font face="Times New Roman, Times, serif">Mark
Rosenthal</font><br>
<font face="Times New Roman, Times, serif"><a class="moz-txt-link-abbreviated" href="mailto:mbr@arlsoft.com">mbr@arlsoft.com</a></font><br>
</blockquote>
<font face="Times New Roman, Times, serif"><br>
</font>
<div class="moz-cite-prefix">On 4/5/14 11:12 AM, Ken Robinson wrote:<br>
</div>
<blockquote
cite="mid:CA+A4UuOyY_YMR94GDe1hWBK89Bzn9fngvw0Urr-UOkNXjP2UBQ@mail.gmail.com"
type="cite">
<div dir="ltr">Take a look at the spambot module. This module will
check to see if an entered email address is in their database of
know spammers and will not let them register if it is.
<div><br>
</div>
<div><br>
</div>
<div>Ken</div>
</div>
<div class="gmail_extra"><br>
<br>
<div class="gmail_quote">On Sat, Apr 5, 2014 at 10:23 AM, Jamie
Holly <span dir="ltr"><<a moz-do-not-send="true"
href="mailto:hovercrafter@earthlink.net" target="_blank">hovercrafter@earthlink.net</a>></span>
wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0
.8ex;border-left:1px #ccc solid;padding-left:1ex">
<div text="#000000" bgcolor="#FFFFFF">
<div>That's a huge problem that started a couple of years
ago. There are some companies out there actually paying
people X dollars for registering Y accounts on different
sites. One of my clients was getting up to 1,000
registrations a day last year from these people. We
finally let some through for a couple of days to post
their spam, then checked what all the links were going
to. They were different sites, but owned by one company
in the UK. The lawyers sent this company a letter and it
stopped.<br>
<br>
The really sad part about this new tactic is that your
options are greatly limited to the point of non-existent
on stopping them. Since they are humans doing actual
registrations, any attempts to thwart them will also get
the regular users trying to sign up. You're left with
actual human moderation to combat them. <br>
<br>
Globally 2013 saw huge spikes in spamming activity.
These people are getting more bold, and that does lead
to us having to rethink a strategy to combat them.
Here's some possibilities:<br>
<br>
- Limit the number of registrations by IP in a given
time frame. Either block or require admin authorization
on future attempts. This works to an extent, but if
people use something like Tor to register, then it
doesn't.<br>
- Create moderation displays, showing the first 5 posts
and comments from new registrations.<br>
- If you allow new users to post content, force the new
post to a draft and email site administration/moderators
to approve it. Once they get X approved posts, then they
can publish.<br>
- Depending on your site and users, require admin
authorization on certain IP's based upon their
geographical location (requires GeoIP library or 3rd
party API).<br>
<br>
No solution is perfect, but I have used a combination of
these in the past for clients and they have been very
happy with the results. Most options are only doable via
custom coding though.<span class="HOEnZb"><font
color="#888888"><br>
<br>
<pre cols="72">Jamie Holly
<a moz-do-not-send="true" href="http://hollyit.net" target="_blank">http://hollyit.net</a></pre>
</font></span>
<div>
<div class="h5"> On 4/5/2014 8:51 AM, Walt Daniels
wrote:<br>
</div>
</div>
</div>
<div>
<div class="h5">
<blockquote type="cite">
<div dir="ltr">I get them to, but it is not mollom's
fault. They are actually registering and typing
the captcha just like a legitimate user. In our
case they even have to use a legitimate email as
they cannot do anything more than an anonymous
user until the verify their email. I don't see any
pattern I could apply to the user names that would
distinguish them from our valid users who have
some pretty weird usernames. You could find or
right a module that enforced using "real names",
i.e. John Doe. But I even got some like that that
turn out to be spammers.</div>
<div class="gmail_extra"><br>
<br>
<div class="gmail_quote">On Sat, Apr 5, 2014 at
8:13 AM, Linda Romey <span dir="ltr"><<a
moz-do-not-send="true"
href="mailto:lromey@gmail.com"
target="_blank">lromey@gmail.com</a>></span>
wrote:<br>
<blockquote class="gmail_quote" style="margin:0
0 0 .8ex;border-left:1px #ccc
solid;padding-left:1ex">
<div dir="ltr">I am having the same issue.
Have you contacted Mollom? That's on my
to-do list. I'm not sure of the value of the
monthly fee if I still have to continually
monitor my site and delete spam accounts
manually.</div>
<div>
<div>
<div class="gmail_extra"><br>
<br>
<div class="gmail_quote">On Sat, Apr 5,
2014 at 8:09 AM, James Rome <span
dir="ltr"><<a
moz-do-not-send="true"
href="mailto:jamesrome@gmail.com"
target="_blank">jamesrome@gmail.com</a>></span>
wrote:<br>
<blockquote class="gmail_quote"
style="margin:0 0 0
.8ex;border-left:1px #ccc
solid;padding-left:1ex"> I have
Mollom installed, but yet a handful
of account applications<br>
escape their captcha/analysis each
day. The problem is that the only<br>
obviously wrong field is the
username, which is not listed as a
field in<br>
the Mollom configuration. I get
names such as: qropspension_5362<br>
<br>
Is there any other way to get rid of
these would-be spammers?<br>
<span><font color="#888888"><br>
--<br>
James A. Rome<br>
<br>
<a moz-do-not-send="true"
href="http://jamesrome.net"
target="_blank">http://jamesrome.net</a><br>
<br>
--<br>
[ Drupal support list | <a
moz-do-not-send="true"
href="http://lists.drupal.org/"
target="_blank">http://lists.drupal.org/</a>
]<br>
</font></span></blockquote>
</div>
<br>
</div>
</div>
</div>
<br>
--<br>
[ Drupal support list | <a
moz-do-not-send="true"
href="http://lists.drupal.org/"
target="_blank">http://lists.drupal.org/</a>
]<br>
</blockquote>
</div>
<br>
</div>
<br>
<fieldset></fieldset>
<br>
</blockquote>
<br>
</div>
</div>
</div>
<br>
--<br>
[ Drupal support list | <a moz-do-not-send="true"
href="http://lists.drupal.org/" target="_blank">http://lists.drupal.org/</a>
]<br>
</blockquote>
</div>
<br>
</div>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
</blockquote>
<br>
</body>
</html>