The forums are being actively spammed hardcore right now.

[MikeChipshop Member]

When the Korean bots hit another forum I moderate, we locked everything down to "new members by invite only" after struggling to fight it for months.  Requiring mod approval to join may be necessary to keep things not crazy. :\

Meh, on my forum we just blacklisted certain countries IP ranges. Surprisingly very few spammers actual use a proxy. 
I understand this is a route that Neowin probably doesn't to go down though.

Would be nice to see the return of "Report this member" is their profiles though.

[+Anarkii Subscriber²]

Anyway to disable a login/password signup, and have users require a Facebook account instead? That might stop spammers signing up if you would need a real FB account to link it too.

[Steven P. Administrators]

Yeah IPB removed that and a bunch of other useful features, reporting the post lets moderators flag as spammer right from that report though.

We used to block whole ranges, but it caused problems for genuine members. I will have a look at the ranges being used now though.

[ramesees]

Anyway to disable a login/password signup, and have users require a Facebook account instead? That might stop spammers signing up if you would need a real FB account to link it too.

And if you dont have or want a FB accout but you are a legitimate member ?

[Bagger]

Test post requiring approval. (Steve P.)

[+Anarkii Subscriber²]

And if you dont have or want a FB accout but you are a legitimate member ?

Another service where some kind of verification is used for accounts? 

[Steven P. Administrators]

We've implemented something that should help, but detailing it here just helps the spammers

[JoseyWales]

 

[GlowHost] Spam-O-Matic for vB

vB Bad Behavior http://bad-behavior.ioerror.us/

We use these products over at the Futuremark forum to help keep it at bay. Works quite well as we have had only a handful get through the past few years.

we use the StopForumSpam and Akismet blacklists to keep it at bay and since they are updated automatically it has left very little for us to do besides submitting the occasional spammer to the list.

[kachan64]

have you tried stopforumspam.com mod or something for IPB? This may be actually be useful. Cuz if one email get caught, it applies to all website which uses this mod and help each other out too.

wp-spam shield is a good one (which checks comment box against spam messages), but sadly only for wordpress/bbpress.

I also suggest that you guys may actually have to use captcha when people make new post.

[Steven P. Administrators]

IPS staff claim that the IPS spam service is checked against StopForumSpam, in IPB3 there were also an ACP config page for it.

[MikeChipshop Member]

I think what we currently have is the best toss up between ease of use for users and making it harder for spammers.
Adding in things like CAPTCHA (which is pretty pointless now any way) and requiring social accounts to sign in, isn't going to do anything but make it that much harder for the average user.

At the end of the day, the spam here comes in blocks, gets deleted quickly and is barely that noticeable unless you spend a large chunk of time. I feel the balance is right.

[vanx]

Not sure if anyone noticed, but there was another mild spike of spam a few hours ago. Being a good member of the community, I dutifully reported spam posts as soon as they sprung up. However, the discussion about the bigger picture remains valid. That person was able to fire off 16 posts in the space of 20-something minutes. For someone who just joined, such flood should be cause for concern (not because there is only one and only Rappy). If there is no will to pre-approve the first X posts of new members by mods, may I suggest that "flood" measures are put in place to prevent new members from posting a lot in a short space of time. I appreciate that we do not want to come across as bad for new members but, where there are reasonable grounds for such measures, actions taken should be understandable. 

[Barney T. Administrators]

Thanks to everyone who report spam as you come across it. We deal with each report as soon as we can.

[Obi-Wan Kenobi]

I've reported more spam in the last 2 days than I ever have on this site. Crazy.

[Gone]

I don't understand the purpose of spamming a forum other than to ###### off its members. 

Anyway to disable a login/password signup, and have users require a Facebook account instead? That might stop spammers signing up if you would need a real FB account to link it too.

I don't have a Facebook or any other social media for security and privacy concerns. Well, I probably have a GP account because of my Android, but I don't use it.

 

Phone verification is a good option! Probably expensive though.

[FiB3R]

We should get points for reporting spammers. Minus points for false/incorrect reports, and only the first report actually goes through to the mods, so it doesn't drive them mad.

Gamification of spam could make it fun, and more to the point, I think I'd be pretty high up the leaderboard

 

[francescob]

Can't you implement some mechanism to automatically hide posts/threads that have been reported at least 3 times (from users with a decent number of posts so it can't be easily abused) until a moderator validates them? I think that would kill most spam immediately.

[123456789A]

We've implemented something that should help, but detailing it here just helps the spammers

Trace the spam to its source and pay them a visit.

[kachan64]

We should get points for reporting spammers. Minus points for false/incorrect reports, and only the first report actually goes through to the mods, so it doesn't drive them mad.

Gamification of spam could make it fun, and more to the point, I think I'd be pretty high up the leaderboard

 

Maybe adding scores to the existing reputation system here on Neowin?

[HawkMan]

With around 50 signups a day that's a big ask for the mod team.. even if it is just approving first posts. Approving first posts can also be worked around by spammers.

How would we know which is a Korean spammer just by approving the member account?

most of the spam comes fromt he same users though.

is there any reason why ANYONE, especially a member with less than 100 post would need to post more than one new topic every 10 minutes?

preventing that would stop a majority of the spam, like the guy yesterday who flooded the enitre new content page with new threads in like 2 minutes. 

[Steven P. Administrators]

Again, adding flood control just annoys the membership. A spammer will wait for flood control (they are used to it after all) the only thing we can do is make it annoying, which also affects our active members.

If ya'all can hold out a week or so, we upgrading to 4.1 and I hope the ACP features better controls to combat it, failing that we'll (again) have to look at creating a mod that distinguishes new members from a 'normal' member and possibly apply topic creation rules. In the meantime I will again look in the ACP if there is anything we can adjust. The last time I did that, normal members got (auto)flagged for non-spam lol.

There is no easy solution for this.

[HawkMan]

Flood control would be annoyign if you prevented x amount of post within a minut, even ther eyou could probably safely set a limit to 5 post in a minute and no affect a single member. 

 

but preventing 1 new thread/topic every 10 minutes shouldn't affect any real members, if you set it to only members under 100 posts it definitely wouldn't. no genuine member should have a need for posting multiple threads within 10 minutes. and within 10 minutes a spam post should be reported and taken care of if a mod is online. and even if all mods are offline, it would prevent the whoe new content list from being flooded at the very least. 

 

It's not a complete solution, but it's at least a good part of a solution

[kachan64]

On my wordpress site we have WP-SpamShield for blocking comments

Also using age gate to sign up and that works great.

Speaking of flood control, I've had tried it before and it always locks out users out in the past on another site

[Steven P. Administrators]

There's only an option to limit per day in the ACP.

[LimeMaster]

There's only an option to limit per day in the ACP.

Do that then. Most members only create a thread once in a blue moon anyway.