Xenforo's anti-spam measures stop all automated spam, so this is about stopping human spammers, who tend to be from the poorer countries - Bangladesh, Cambodia, Cameroon, Congo, Egypt, India, Indonesia, Iran, Iraq, Jordan, Kazakhstan, Kenya, Morroco, Nigeria, Pakistan, Philippines, Somalia, Sri Lanka and Vietnam. We also get cookie stuffers from Korea and slightly more sophisticated (but rarer) product promotion from China, Hong Kong, Russia and Ukraine.
Most spammers aren't particularly sophisticated, so they tend to have routines which mean there are common account attributes. Often female, sometimes with a sexy avatar, location is US. Easy to spot and decimate.
My top tips.
- I use https://xenforo.com/community/resources/slider-captcha.3756/ which is the most elegant and easy human verification captcha I've seen.
- Get a StopForumSpam key and enter that into your Spam Management options so that known IPs and email addresses get flagged. I have been putting them in the user moderation queue, but if they have just a few email and/or IP matches, I tend to deny registration, so I may start blocking them automatically. Also having a StopForumSpam key means you contribute to the spam database, which is particularly satisfying.
- Install this https://xenforo.com/community/resources/country-flags-by-ip-address.3080/ so you can instantly see what country the spammers are posting from.
- Force people to enter their location on registration, then if it doesn't match the country flag, you can investigate. There are also patterns in what the spammers enter. Recently a lot have been entering 'earth' or 'vic'.
- Install https://xenforo.com/community/resources/spam-rules-by-waindigo.2771/ and set it to put all posts by people from spammy countries into the moderation queue.
- If you have some countries which only have spammers, install this addon https://xenforo.com/community/resources/user-registration-spam-rules-by-waindigo.2890/ to stop people from those countries from registering altogether. We block Bangladesh, India, Republic of Korea and Pakistan
- If you get more than one spam attempt at a specific domain, block by adding it to the Spam Phrase box in the Spam Management tools page. I put posts in the moderation queue so that if we see a spammer, we can decimate them.
- I use https://xenforo.com/community/resources/mws-daily-statistics.2111/ which gives me a convenient link for today's registrations. I tend to scan down that list and quickly spot spammers.
Recently we've been having more spammers with UK and US IP addresses, which is a concern because most of our membership is from those two countries.
What are your experiences?