Reset Password · YAF.NET Support Forum

Welcome Guest! To enable all features please Login or Register

Posted by: squirrel - Sunday, 6 February 2011 15:51:02
I'm curious, with the excellent features like reCaptcha implemented in YAF why you guys don't enable them on this site to keep the spammers down? Just enabling it on user account creation would cure it around here. We run the reCaptcha on our live site and it works perfectly!

Posted by: cagliostro - Sunday, 6 February 2011 15:58:30
Not only captcha but some other anti-spam protection should be (optionally) added. The best i have found as fully effective is to allow a newbie to post after 24 or 48 hours. Spammers don't ever come back. Again this could be enabled or disabled for "community" defenders.

Posted by: Dr-Hack - Sunday, 6 February 2011 16:24:51
[quote=cagliostro;46549] The best i have found as fully effective is to allow a newbie to post after 24 or 48 hours. Spammers don't ever come back. [/quote] users wont even come back aswell in many cases...

Posted by: cagliostro - Sunday, 6 February 2011 16:49:17
[quote=Dr-Hack;46554][quote=cagliostro;46549] The best i have found as fully effective is to allow a newbie to post after 24 or 48 hours. Spammers don't ever come back. [/quote] users wont even come back aswell in many cases... [/quote] Well, personally i HATE ReCaptcha. I find it hard myself. While it may keep out spammer-bots, it keeps out legitimate users also.

Posted by: squirrel - Sunday, 6 February 2011 16:53:34
[quote=cagliostro;46556][quote=Dr-Hack;46554][quote=cagliostro;46549] The best i have found as fully effective is to allow a newbie to post after 24 or 48 hours. Spammers don't ever come back. [/quote] users wont even come back aswell in many cases... [/quote] Well, personally i HATE ReCaptcha. I find it hard myself. While it may keep out spammer-bots, it keeps out legitimate users also. [/quote] The nice thing about reCaptcha is it will 'speak' to you if you can't read it. But blocking users for 24-48 hours will honestly keep them out much more than 'reCaptcha' will. At least with a captcha program, the user can post immediately. Many times when I go to a forum I have to register on, it's so I can post IMMEDIATELY for whatever reason. Having to wait several days usually sends me somewhere else.

Posted by: squirrel - Sunday, 6 February 2011 16:53:34

[quote=cagliostro;46556][quote=Dr-Hack;46554][quote=cagliostro;46549] The best i have found as fully effective is to allow a newbie to post after 24 or 48 hours. Spammers don't ever come back. [/quote] users wont even come back aswell in many cases... [/quote] Well, personally i HATE ReCaptcha. I find it hard myself. While it may keep out spammer-bots, it keeps out legitimate users also. [/quote] The nice thing about reCaptcha is it will 'speak' to you if you can't read it. But blocking users for 24-48 hours will honestly keep them out much more than 'reCaptcha' will. At least with a captcha program, the user can post immediately. Many times when I go to a forum I have to register on, it's so I can post IMMEDIATELY for whatever reason. Having to wait several days usually sends me somewhere else.

Posted by: cagliostro - Sunday, 6 February 2011 17:01:00
[quote=squirrel;46558] The nice thing about reCaptcha is it will 'speak' to you if you can't read it. But blocking users for 24-48 hours will honestly keep them out much more than 'reCaptcha' will. At least with a captcha program, the user can post immediately. Many times when I go to a forum I have to register on, it's so I can post IMMEDIATELY for whatever reason. Having to wait several days usually sends me somewhere else. [/quote] That is why i said to make it optional-configurable.

Posted by: cagliostro - Sunday, 6 February 2011 17:01:00

[quote=squirrel;46558] The nice thing about reCaptcha is it will 'speak' to you if you can't read it. But blocking users for 24-48 hours will honestly keep them out much more than 'reCaptcha' will. At least with a captcha program, the user can post immediately. Many times when I go to a forum I have to register on, it's so I can post IMMEDIATELY for whatever reason. Having to wait several days usually sends me somewhere else. [/quote] That is why i said to make it optional-configurable.

Posted by: tha_watcha - Sunday, 6 February 2011 18:12:43
[quote]Not only captcha but some other anti-spam protection should be (optionally) added.[/quote] Yaf Already includes the akismet api, more info about that here [modalurl]http://akismet.com/[/modalurl]. But its currently not implemented as working solution for yaf, maybe it could been done in yaf 2.0 [quote]I'm curious, with the excellent features like reCaptcha implemented in YAF why you guys don't enable them on this site to keep the spammers down? [/quote] I absolutely agree on that. Unfortunately Captchas are not really safe anymore Spammers started paying people in third world countries to pay to solve the captchas.

Posted by: tha_watcha - Sunday, 6 February 2011 18:12:43

[quote]Not only captcha but some other anti-spam protection should be (optionally) added.[/quote] Yaf Already includes the akismet api, more info about that here [modalurl]http://akismet.com/[/modalurl]. But its currently not implemented as working solution for yaf, maybe it could been done in yaf 2.0 [quote]I'm curious, with the excellent features like reCaptcha implemented in YAF why you guys don't enable them on this site to keep the spammers down? [/quote] I absolutely agree on that. Unfortunately Captchas are not really safe anymore Spammers started paying people in third world countries to pay to solve the captchas.

Posted by: squirrel - Sunday, 6 February 2011 18:27:10
[quote=tha_watcha;46572][quote]Not only captcha but some other anti-spam protection should be (optionally) added.[/quote] Yaf Already includes the akismet api, more info about that here [modalurl]http://akismet.com/[/modalurl]. But its currently not implemented as working solution for yaf, maybe it could been done in yaf 2.0 [quote]I'm curious, with the excellent features like reCaptcha implemented in YAF why you guys don't enable them on this site to keep the spammers down? [/quote] I absolutely agree on that. Unfortunately Captchas are not really safe anymore Spammers started paying people in third world countries to pay to solve the captchas.[/quote] The thing that stinks about akismet is it costs money -- for many sites that are not-for-profit, if they generate large amount of traffic you get hit with a fee from akismet. As for the captchas - agreed they're not 100% effective, but they still put a major hit on the spammers vs. not running anything at all :)

Posted by: squirrel - Sunday, 6 February 2011 18:27:10

[quote=tha_watcha;46572][quote]Not only captcha but some other anti-spam protection should be (optionally) added.[/quote] Yaf Already includes the akismet api, more info about that here [modalurl]http://akismet.com/[/modalurl]. But its currently not implemented as working solution for yaf, maybe it could been done in yaf 2.0 [quote]I'm curious, with the excellent features like reCaptcha implemented in YAF why you guys don't enable them on this site to keep the spammers down? [/quote] I absolutely agree on that. Unfortunately Captchas are not really safe anymore Spammers started paying people in third world countries to pay to solve the captchas.[/quote] The thing that stinks about akismet is it costs money -- for many sites that are not-for-profit, if they generate large amount of traffic you get hit with a fee from akismet. As for the captchas - agreed they're not 100% effective, but they still put a major hit on the spammers vs. not running anything at all :)

Posted by: tha_watcha - Monday, 7 February 2011 13:01:56
[quote]The thing that stinks about akismet is it costs money[/quote] Yes, i almost forget about that, that makes it kind of useless. An alternative could be the [url=http://code.google.com/apis/safebrowsing/]Google Safe Browsing API[/url] it checks the posted links against a white & blacklist. Spammers always post links, the api help to block the complete posting.

Posted by: squirrel - Monday, 7 February 2011 13:05:49
[quote=tha_watcha;46576][quote]The thing that stinks about akismet is it costs money[/quote] Yes, i almost forget about that, that makes it kind of useless. An alternative could be the [url=http://code.google.com/apis/safebrowsing/]Google Safe Browsing API[/url] it checks the posted links against a white & blacklist. Spammers always post links, the api help to block the complete posting.[/quote] I'll have to check that out for sure :)

Posted by: squirrel - Monday, 7 February 2011 13:05:49

[quote=tha_watcha;46576][quote]The thing that stinks about akismet is it costs money[/quote] Yes, i almost forget about that, that makes it kind of useless. An alternative could be the [url=http://code.google.com/apis/safebrowsing/]Google Safe Browsing API[/url] it checks the posted links against a white & blacklist. Spammers always post links, the api help to block the complete posting.[/quote] I'll have to check that out for sure :)

Posted by: tha_watcha - Friday, 18 March 2011 18:27:01
[quote=squirrel;46577][quote=tha_watcha;46576][quote]The thing that stinks about akismet is it costs money[/quote] Yes, i almost forget about that, that makes it kind of useless. An alternative could be the [url=http://code.google.com/apis/safebrowsing/]Google Safe Browsing API[/url] it checks the posted links against a white & blacklist. Spammers always post links, the api help to block the complete posting.[/quote] I'll have to check that out for sure :)[/quote] After some testing with the google safe browsing API, i noticed it filter only phishing and malware sites as links. But all the Links posted by Spammers are not filtered. Then i found an open Source service, its basically the same as Akismet but free - http://blogspam.net/ I added it directly to yaf. Every Post is now checked for SPAM (Detection based on Post, IP, and Name) - Of course this can be turned off/on in the Host Settings. Currently the messages containing spam are rejected, but i think suspending the user would be also a possibility. Also i Added "Report as SPAM" Button to an Reported Message on the Report Messages Page - that sends the Message to the BlogSpam Service.

Posted by: tha_watcha - Friday, 18 March 2011 18:27:01

[quote=squirrel;46577][quote=tha_watcha;46576][quote]The thing that stinks about akismet is it costs money[/quote] Yes, i almost forget about that, that makes it kind of useless. An alternative could be the [url=http://code.google.com/apis/safebrowsing/]Google Safe Browsing API[/url] it checks the posted links against a white & blacklist. Spammers always post links, the api help to block the complete posting.[/quote] I'll have to check that out for sure :)[/quote] After some testing with the google safe browsing API, i noticed it filter only phishing and malware sites as links. But all the Links posted by Spammers are not filtered. Then i found an open Source service, its basically the same as Akismet but free - http://blogspam.net/ I added it directly to yaf. Every Post is now checked for SPAM (Detection based on Post, IP, and Name) - Of course this can be turned off/on in the Host Settings. Currently the messages containing spam are rejected, but i think suspending the user would be also a possibility. Also i Added "Report as SPAM" Button to an Reported Message on the Report Messages Page - that sends the Message to the BlogSpam Service.

Posted by: JP - Friday, 18 March 2011 20:18:51
Well, I use reCAPTCHA now but it doesn't protect against "human" spammers... Seem like the spambots are a bit more infrequent than earlier, though. But I've only used it for a couple of weeks so it's not very scientifically verified... Have had a couple of spammers also after introducing reCAPTCHA. Not a cure, but maybe a little bit of help - that's my view of it... [color=blue][i]Edit: That blogspam service looks promising - hope it will be implemented in a coming YAF release... [thumbup] [/i][/color]

Posted by: JP - Friday, 18 March 2011 20:18:51

Well, I use reCAPTCHA now but it doesn't protect against "human" spammers... Seem like the spambots are a bit more infrequent than earlier, though. But I've only used it for a couple of weeks so it's not very scientifically verified... Have had a couple of spammers also after introducing reCAPTCHA. Not a cure, but maybe a little bit of help - that's my view of it... [color=blue][i]Edit: That blogspam service looks promising - hope it will be implemented in a coming YAF release... [thumbup] [/i][/color]

Posted by: bbobb - Saturday, 19 March 2011 05:36:53
[quote=JP;47678] Have had a couple of spammers also after introducing reCAPTCHA. Not a cure, but maybe a little bit of help - that's my view of it.. [/quote] reCaptcha is not a panacea, but it works more effectively then YAF captcha. To protect yourself almost completely you should use a custom solution with at least 3 various protection levels.

Posted by: squirrel - Saturday, 19 March 2011 14:23:39
[quote=JP;47678]Well, I use reCAPTCHA now but it doesn't protect against "human" spammers... Seem like the spambots are a bit more infrequent than earlier, though. But I've only used it for a couple of weeks so it's not very scientifically verified... Have had a couple of spammers also after introducing reCAPTCHA. Not a cure, but maybe a little bit of help - that's my view of it... [color=blue][i]Edit: That blogspam service looks promising - hope it will be implemented in a coming YAF release... [thumbup] [/i][/color][/quote] I have just updated via SVN and it's already being included in the source, so I do think it will be in the next release --

Posted by: squirrel - Saturday, 19 March 2011 14:23:39

[quote=JP;47678]Well, I use reCAPTCHA now but it doesn't protect against "human" spammers... Seem like the spambots are a bit more infrequent than earlier, though. But I've only used it for a couple of weeks so it's not very scientifically verified... Have had a couple of spammers also after introducing reCAPTCHA. Not a cure, but maybe a little bit of help - that's my view of it... [color=blue][i]Edit: That blogspam service looks promising - hope it will be implemented in a coming YAF release... [thumbup] [/i][/color][/quote] I have just updated via SVN and it's already being included in the source, so I do think it will be in the next release --

Important Information: