<html>
<head>
<meta content="text/html; charset=ISO-8859-1"
http-equiv="Content-Type">
</head>
<body text="#000000" bgcolor="#FFFFFF">
<div class="moz-cite-prefix">That's a huge problem that started a
couple of years ago. There are some companies out there actually
paying people X dollars for registering Y accounts on different
sites. One of my clients was getting up to 1,000 registrations a
day last year from these people. We finally let some through for a
couple of days to post their spam, then checked what all the links
were going to. They were different sites, but owned by one company
in the UK. The lawyers sent this company a letter and it stopped.<br>
<br>
The really sad part about this new tactic is that your options are
greatly limited to the point of non-existent on stopping them.
Since they are humans doing actual registrations, any attempts to
thwart them will also get the regular users trying to sign up.
You're left with actual human moderation to combat them. <br>
<br>
Globally 2013 saw huge spikes in spamming activity. These people
are getting more bold, and that does lead to us having to rethink
a strategy to combat them. Here's some possibilities:<br>
<br>
- Limit the number of registrations by IP in a given time frame.
Either block or require admin authorization on future attempts.
This works to an extent, but if people use something like Tor to
register, then it doesn't.<br>
- Create moderation displays, showing the first 5 posts and
comments from new registrations.<br>
- If you allow new users to post content, force the new post to a
draft and email site administration/moderators to approve it. Once
they get X approved posts, then they can publish.<br>
- Depending on your site and users, require admin authorization on
certain IP's based upon their geographical location (requires
GeoIP library or 3rd party API).<br>
<br>
No solution is perfect, but I have used a combination of these in
the past for clients and they have been very happy with the
results. Most options are only doable via custom coding though.<br>
<br>
<pre class="moz-signature" cols="72">Jamie Holly
<a class="moz-txt-link-freetext" href="http://hollyit.net">http://hollyit.net</a></pre>
On 4/5/2014 8:51 AM, Walt Daniels wrote:<br>
</div>
<blockquote
cite="mid:CALZ-9dX5ANepeMJ=ND_hoEK4dYfrAm13awv7G6M_RaXO0xFSqw@mail.gmail.com"
type="cite">
<div dir="ltr">I get them to, but it is not mollom's fault. They
are actually registering and typing the captcha just like a
legitimate user. In our case they even have to use a legitimate
email as they cannot do anything more than an anonymous user
until the verify their email. I don't see any pattern I could
apply to the user names that would distinguish them from our
valid users who have some pretty weird usernames. You could find
or right a module that enforced using "real names", i.e. John
Doe. But I even got some like that that turn out to be spammers.</div>
<div class="gmail_extra"><br>
<br>
<div class="gmail_quote">On Sat, Apr 5, 2014 at 8:13 AM, Linda
Romey <span dir="ltr"><<a moz-do-not-send="true"
href="mailto:lromey@gmail.com" target="_blank">lromey@gmail.com</a>></span>
wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0
.8ex;border-left:1px #ccc solid;padding-left:1ex">
<div dir="ltr">I am having the same issue. Have you
contacted Mollom? That's on my to-do list. I'm not sure of
the value of the monthly fee if I still have to
continually monitor my site and delete spam accounts
manually.</div>
<div class="HOEnZb">
<div class="h5">
<div class="gmail_extra"><br>
<br>
<div class="gmail_quote">On Sat, Apr 5, 2014 at 8:09
AM, James Rome <span dir="ltr"><<a
moz-do-not-send="true"
href="mailto:jamesrome@gmail.com"
target="_blank">jamesrome@gmail.com</a>></span>
wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0
.8ex;border-left:1px #ccc solid;padding-left:1ex">
I have Mollom installed, but yet a handful of
account applications<br>
escape their captcha/analysis each day. The
problem is that the only<br>
obviously wrong field is the username, which is
not listed as a field in<br>
the Mollom configuration. I get names such as:
qropspension_5362<br>
<br>
Is there any other way to get rid of these
would-be spammers?<br>
<span><font color="#888888"><br>
--<br>
James A. Rome<br>
<br>
<a moz-do-not-send="true"
href="http://jamesrome.net" target="_blank">http://jamesrome.net</a><br>
<br>
--<br>
[ Drupal support list | <a
moz-do-not-send="true"
href="http://lists.drupal.org/"
target="_blank">http://lists.drupal.org/</a>
]<br>
</font></span></blockquote>
</div>
<br>
</div>
</div>
</div>
<br>
--<br>
[ Drupal support list | <a moz-do-not-send="true"
href="http://lists.drupal.org/" target="_blank">http://lists.drupal.org/</a>
]<br>
</blockquote>
</div>
<br>
</div>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
</blockquote>
<br>
</body>
</html>