Forum Spammers

<p>I launched an update last night after collaborating with one of our anti-spam services. At their request, we loosened some of the measures that were causing many false-positives and keeping some of you unable to log into the site.</p><p><br></p><p>I added some tools for our admin team to report/remove spam a little easier. Part of this is meant to send more data to the anti-spam tool, the theory is that it will continue to learn the nature of this particular SPAM attack and get better at preventing it.</p><p><br></p><p><strong>One thing to keep in mind is that this means we will likely see some batches of SPAM come through, but this is meant to decline over time.</strong></p><p><br></p><p>I would also like to speak a little to the nature of our systems in place.</p><p><br></p><p><strong>Google reCAPTCHA</strong></p><p>This is sort of the first line of defense. It is arguably the best captcha system available, leveraging the insane powers of Google's machine learning capabilities. This is in front of all account registrations and as of this week is also a part of submitting a new thread to the forums. We have not implemented this for comment replies as it is a little more cumbersome then I think we'd prefer for this interaction but…never say never.</p><p><br></p><p>It's worth noting that even this is not fullproof: <a href="https://nakedsecurity.sophos.com/2017/11/01/now-anyone-can-fool-recaptcha/&quot; target="_blank">https://nakedsecurity.sophos.com/2017/11/01/now-anyone-can-fool-recaptcha/</a></p><p><br></p><p><strong>IP and Email Address Known SPAM Databases</strong></p><p>We leverage a service that has access to several of the largest databases of known/reported SPAM email addresses, top level domains, and IP addresses. Every user registration, comment, and forum post passes through this filter, and many are blocked every day. We have had nearly 10,000 positive hits in the last week alone.</p><p><br></p><p><span style="color: rgb(0, 0, 0);">We are able to see global reports on every individual email and IP address. </span>I would like to point out that in manually investigating many of the SPAM addresses from the incident this week, almost every one I spot checked had zero incidents of SPAM until the last 2-3 weeks at which point reported incidents skyrocketed. This indicates to me that this is a new attack that is being launched across various corners of the internet. </p><p><br></p><p><br></p><p><strong>Content Analysis</strong></p><p>We pass content over to a service that also analyses the author information (IP, username, email address) but also examines the actual content of what's being posted in an attempt to flag SPAM as SPAM. All of our comments pass through this system but new forum posts had not been getting through this system. <strong>This is the biggest change that has been made in the last 48 hours. </strong>Now every piece of content posted by a user is passed through this filter. It was short-sighted that forum posts weren't put through this system but this has been addressed. </p><p><br></p><p><strong>Moving Forward</strong></p><p>Brad has been begging, as well as many of you, for some simple SPAM reporting features from users. This was meant to roll-out in the next major release we have been working on for the last several months (which we'll likely be sharing information about soon) but I am accelerating this feature and hope to have it out sometime early next week. </p><p><br></p><p><br></p><p>These things are an ongoing arms race, we will ultimately win this battle but the war will go on…IE, SPAM will always be an issue. No website is SPAM free, it's just not feasible in today's world. I actually really believe the SPAM on our site is relatively minimal and fairly well managed internally (I know this because I work on and have worked on dozens of other websites across many topics)– we currently lack hugely in giving our user's the ability to help us manage it; we're working on that (as mentioned above). You will likely continue to see some junk posted over the next few days…bare with us. </p>