Spam not being caught
-
We've got SpamBeGone enabled, with Akismet, Project Honeypot, and reCAPTCHA; and we only allow SSO login.
But recently, there's been a huge spate of sneaky spam posts where they just reply, then edit the @-mention URL to some external site -- or, even more sneaky, they leave the @ and the first few characters as the original @-mention link, but the last few characters of the username are really a link somewhere else; similar for the
in [Name of This Topic](/post/####), it gets changed toin [Name of This Top](/post/####)[ic](link-to-external-site)Sometimes they are "kind" enough to not post any text, so it's just got the quoted text, so while I'm reading posts, I can at least use that to clue me in to check for hidden links and then moderate/delete/ban. But if they combine it with a ChatGPT-style reply, they can often sneak past the radar.
Akismet, despite stopping many perfectly-reasonable posts, does nothing on those kinds of posts.
So does anyone else have ideas on how to combat/prevent those kinds of spam posts?
Or is there a setting or plugin that allows restricting which external sites can be linked to? (Like "allow links to google or our homepage or a few other sites, but not links to any random site") Or a way to get it to flag links that are external vs internal, so it's obvious all the links that go outside our forum?
-
First off, are you using the registration queue? That's stops 100% of the spam here because if you create an account, you have no rep, and your post needs to be authenticated.
Most spammers don't have time to craft actually helpful replies. I automatically reject any of the chatgpt crap that comes in.
-
We haven't, as of yet, because we don't have enough coverage to approve such posts 24/7, and we get a lot of international posts -- we hadn't wanted to make users wait until one of the moderators was awake before their post is made public and starts getting replies. But maybe we'll have to.
-
@PeterJones the way your spam is presented is novel, even clever. I don't think I've encountered that kind of spam before (or maybe it slipped through!
)Putting in an icon for external URLs makes sense, I'll look into adding.
-
Both of those have been working since we upgraded to 3.4.1, so that's great.
Unfortunately, with "minimum reputation for posting links" enabled, it also means that new users cannot (easily) reply to posts, because replies automatically include @-mentions (which count as links) and a link to the post they replied to (which counts as a link). It would be nice if the link reputation-for-link requirement were only for external links.
Though as I'm replying to this post, I see neither an automatic @-mention nor a link to the previous reply, so that implies that there's a way to turn off that automatic text. However, I cannot find a setting that turns those off. In 3.4.1, how can I turn those automatic "links" off? If I do that, it would allow newer users to reply more easily.
Thank you.
-
@PeterJones those links are added when you use
@mentionlike @PeterJones or when you quote someone with the quote button on their posts. We should definitely fix it so they don't count against links. I think internal links to the forum shouldn't count against that setting. -
@julian said in Spam not being caught:
This is fixed and slated for release with v3.6.0
Thanks for the fast fix!
just needed to spend a whole day 
to come to this conclusion
