I don't do web work except for tcp/ip or industrial protocols work. So I don't know the complexity of blocking spam. But is it really that hard to tell when someone is spamming your site and taking actions to reduce that spam? Don't you block their IPs?

I guess I should have used the devrant tag.

IP blocking is only a temporary fix, a proxy or vpn, hell even a dynamic ip from your ISP thwarts that.

You need a more rigorous signup and posting process, block image uploads for < 100++ accounts, block links for another n updoots, that still leaves things like email x[at]imASpamBot[.]com though.

yeah, spam is notoriously difficult to deal with. that's why it still exists. Nothing really works, captchas definitely don't help, blocking ips does nothing. rate limiting is useless if you get spam once or twice a day anyway... You can start using a blacklist of words to avoid, but that starts limiting real users too, not to mention the spam probably isn't automated, it's probably coming from a farm where people copy and paste it manually, and if that's true they can modify it on the fly to bypass whatever filters or measures you have...

It's a PITA

AI seems to be perfectly fit for that job. Problem is, it needs to be trained first and then it‘s relatively expensive to keep running.

Fuck that spamming human scum.

It’s really hard to completely get rid of bots sweeping over your site scanning for attack vectors. Best you can do is rate limiting, security headers and blocking the biggest botnet IP ranges there are, namely AWS, GCP and Azure.i don’t know, are they public anyway?

It's not that hard to detect bot behavior and content - unless you care about not losing that 0.01% chance of discarding a meaningful message or pissing actual users off by making them solve a math problem or click on the one object that does not match the others.

@ingosteinke MATE, fucking Skype wanted to make me click on the picture where the mouse doesnt get the cheese. 6 TIMES.

And apparently after the first run I was too slow, so I had to do it again, 7 times...

I didn't do the second time, if you were wondering.

The only way to block spam is to block everything.

If there's a way for legitimate content to get through, there's a way to get illegitimate content through too. No filter is 100% perfect, and once the spammers find a way past, they flood it.

Botnets get around ip blocking and rate limiting. AI gets passed captchas. You can program around content matching by trial and error.

It's an arm's race

most bots are still incredibly dumb, but human clickworkers are a real challenge

@lungdart it doesn’t need to be perfect though.

@Lensflare then there you go, the spam problem is solved. No need to complain

@Lensflare and then there will be AI trained to bypass AI's antispam filter.

#robot_wars

@netikras Yeah sure, but AI is already being used to produced spam. A spam detecting AI would be at least better than nothing. Right now it‘s not a war, it‘s a massacre.

What spam?

PS if you need somebody to recover your stolen bitcoin let me know I know a guy

@mostr4am lolz, thanks for that.