Dealing with spammers ...

Posting rules: It shouldn't need saying, but... play nice. Please keep your discussions civil. You can disagree, just don't be disagreeable. And, of course, all of the usual stuff like no spamming. Tex adds: I'll be rigorously enforcing this as we go along. We're probably going to be a small community in a little lifeboat, so we can't have members at each others' throats. This is for the sake of the project as a whole. So when you post, pretend you're speaking in person with your very wealthy auntie who has always treated you wonderfully and currently lists you prominently in her will. I won't be tossing anyone out of the forums because we are all in this together (except spammers: immediate membership cancelation), but I'll delete suspect posts right away.

13 posts / 0 new
Last post
Dealing with spammers ...

An onerous task, especially when idiots like our current 'friend' are so persistent.


It occurs to me that in this case, and perhaps others, the ultimate beneficiaries of the of the spamming would be rich corporations.


Perhaps it would be possible to collect evidence and send them an invoice for the 'cleanup' time.


Now if there was an internet campaign along those lines how long would it take to inundate the companies at the source of the problem with invoices and make a point about the way they do business?



On a more serious note - tex, if you need some temporary (or indeed permanent) help with this problem I think there are a few of us who could assist on an 'as needed' basis.






Thanks for volunteering.  I

Thanks for volunteering.  I always thought you are the moderator.  You have been very helpful in many posts here.  I cannot volunteer since I am lacking the technical skills.


I think you would be a perfect additional guardian here, I certainly vote for you, although I know, this would be an unpleasant task; fighting the spammers, on the other side, does not seem to be something we can do efficiently. Reporting them, complaining or using blacklists is what dedicated groups of programmers and organisations do with very limited success.

(Sooner or later the filter would let some "v!agr@" message come through and block my "the blue tones of this .cr2 file look like viagra on steroids" question.)

The current problems certainly show, how helpless we are, when Tex is away.


Have a nice day!




Yes, tell us, if you need

Yes, tell us, if you need help.


Thank you Ranier, you are so

Thank you Ranier, you are so kind.  I will.  Just going through a bit of an overwhelming period at our house right now, my wife and I working non-stop.

Automatic Approval?

Why did we go to this technique?  I realize that it's easier for the moderator(s) but it comes with the potential problems we see now.  Automatic approval can lead to the potential for computer bots, which ultimately can take down websites through DoS (Denial of Service) attacks and other malware issues.


If this is the technique of choice then the new posters should not be have automatic approval for new post until the have at least multiple (5?0 legitimate postings sent.  If I'm not mistaken, I believe that all spammers need is to have 1 legitimate post approved at which point post approval is automatic for subsequent post.


IMO, it should be one or the other, remove automatic approval or continue moderating new users until they meet a certain standard (5 legitimate posts?).



Meanwhile there are more than

Meanwhile there are more than 50.000 registered users in this forum. I think it is nearly impossible to approve them manually. I do think that the reason for this huge amount is the necessity to be a registered user in order to be able to download the software. 


I don´t know whether moderating the posts of new users is a manageable way to deal with the problem.




By uses this anti-bot technique, every message would require a human challenge response that an internet bot cannot respond to using auto techniques, see below. 


The current spammer is not writing each message to this list one at a time.  It is an internet bot sent to thousands of poorly protected web sites at a time. 


Employing this technique, or some other technique, would require an additional response for each message a valid user post.  It is a worthwhile  sacrifice  IMO.



Yes, it looks like we are

Yes, it looks like we are going to have to move to a CAPTCHA routine for every post.  But this was the worst problem we've had in a long time, and of course this was an actual human---"it" got by the CAPTCHA we use to register.  And Ranier V is correct.  We had many incidences last year of being completely inundated by new registrations on certain days and periods (and many, many complaints!  Some truly nasty ones, at that...), so manual approval isn't a viable option anymore.

Thank you again, Grant, my

Thank you again, Grant, my old partner in crime.  I will let you know.  This was an unfortunate blip this weekend.  Sorry I didn't catch it.  Frances and I reamin "up to our eyeballs", made worse with our main email hacked and disabled.  Google's no real help.  I will think about this---we may go back to the old days (commercial product's forums) when we had several moderators, and you one of them.  It's true with Doug gone there's no backup.

Just let me know tex. Always

Just let me know tex. Always willing to help.


I don't recall there being a whole lot to do in the 'commercial' days but times change and it was not so busy anyway.


I am currently a moderator on another (commercial) forum totally unrelated to photo editiing and over many years I can count the number of times I have needed to do anything on the digits of one hand. However it's probably not such a busy place as to attract spammers. Or even active participants amongst the registered users.


For commercial reasons membership of that forum is now controlled via licenced user customer portal login management so anyone getting in there will either be very very determined or make a luicky strike through an undefended opening somehow.


I believe it is about to be upgraded anyway which will likely end my involvement - though that has been 'imminent' as "any day now" for some months. It is hardly going to make any difference to me no matter how long it takes!





Blocked IP

I have nothing but profound thanks and sincere respect for all that you do, and am extremely sympathetic to your efforts to block any and all spammers. But I've discovered that my IP address is being blocked by (though I am a registered user, and have never had any mail server capacity on my home network). I'm 99% sure that my machines haven't been recruited for a zombot attack (I use good security, and have just scanned everything for trojans). I'm accessing you now via an anonymizer, and can also access you through a robust proxy server. When time permits, could you perhaps tweak your blacklist filtering? (I just checked my ip, and it seems clear, though one somewhat questionable list--out of about 90) does flag the address, which is a Comcast supplied ip. Thanks, RK

I'll look into it when I can,

I'll look into it when I can, but that may be a while----still fiendishly busy at my end.