Managing Spam PMs

[Steve Freides]

There are some previous threads on this subject, e.g., https://xenforo.com/community/threads/disallowing-new-members-to-pm.186840/, but none discuss this issue specifically.

We had a problem with spam users registering then sending spam PM's in some quantity before their accounts were detected and banned. (Typically, spammers create spam posts, those posts appear in the moderation queue, and it's from there the accounts are removed, and the spammer hasn't tried to send a PM.)

Because we run the XF-supplied user promotion, it wasn't difficult to have the group Registered be unable to send PM's, and give that permission to the group Verified. But herein lies my problem: Our company runs several different Special Events, and after the event, each attendee receives a welcome email inviting them to PM me, the admin, and ask to join a special forum section for the type of special event they attended. This works fine for existing forum members, but it doesn't work for people who join the forum in order to obtain access to the special events section. It also doesn't work for the subset of people who joined years ago but have never posted.

My current work-around is to change the wording of our Welcome letter and tell these people simply, "If you are unable to send a private message, please use the Contact form instead." I then look up their email and grant them the access.

Other work-arounds are possible, but there's no such thing as a free lunch. I'd like to hear thoughts on better ways to manage this. (The only one I can come up with would be some alternative registration process for attendees of special events - when you register that way, you are not only made a member of Registered, you're also made a member of another group. But that seems like a lot of work, and the potential to share this alternative registration link made fraudulent use of it possible.)

Thanks in advance. We are running 2.2.1.

-S-

 

[briansol]

Yeah, managing groups like this is hard. Is et it up and then rolled it back.

I've been able to block the vast majority of spam using the built in options for spam:

• recaptcha v2 invisible
• Check new registrations against the StopForumSpam database.

-- Reject registrations when this many warning flags are detected: 1

• Only count flags recorded within the last: 45
• Only count flags recorded at least this many times: 2

- Check DNSBL on registration
-- BLOCK

• Manually approve registration if user shares IP used by a banned or rejected user in last: 90
• Prevent discouraged IP addresses from registering

Spam phrases:

/^\[url.*\[\/url\]$/si
/^http\S+$/si
/\[url=("|')?([^"'\]]+)("|')?\].*\[url\]\2\[/si
/\[url=("|')?([^"'\]]+)("|')?\].*\[url=("|')?\2("|')?\]/si
/^https?:\/\/\S+\n/si

Action:
Manually approve

 

[Steve Freides]

@briansol, thank you for this.

I changed some of my settings to match yours and we'll see how that goes.

Please explain, if you don't mind, the Spam Phrases. They all start with a leading "/" I see.

Thanks again.

-S-

 

[briansol]

Yea it's a regular expression. Copy as is

 

[MacSeah]

Yeah, managing groups like this is hard. Is et it up and then rolled it back.

I've been able to block the vast majority of spam using the built in options for spam:

• recaptcha v2 invisible
• Check new registrations against the StopForumSpam database.

-- Reject registrations when this many warning flags are detected: 1

• Only count flags recorded within the last: 45
• Only count flags recorded at least this many times: 2

- Check DNSBL on registration
-- BLOCK

• Manually approve registration if user shares IP used by a banned or rejected user in last: 90
• Prevent discouraged IP addresses from registering

Spam phrases:

/^\[url.*\[\/url\]$/si
/^http\S+$/si
/\[url=("|')?([^"'\]]+)("|')?\].*\[url\]\2\[/si
/\[url=("|')?([^"'\]]+)("|')?\].*\[url=("|')?\2("|')?\]/si
/^https?:\/\/\S+\n/si

Action:
Manually approve

Does anyone has a reference to what those depressions represents?