Opened 9 years ago

Closed 8 years ago

#12734 closed bug (no change required)

haiku website spam filter overzealous...

Reported by: cb88 Owned by: haiku-web
Priority: normal Milestone:
Component: Website Version:
Keywords: Cc:
Blocked By: Blocking:
Platform: All

Description

I'm currently blocked and a lot of other people seem to be as well have used other means of communication as well to show this is happening.

Someone at some point mentioned a method of fixing this but I never got it to work (something with validating your email with the spam filter service)?

Change History (24)

comment:1 by Giova84, 9 years ago

I've found the same issue since long time. Whenever I attempt to insert an url on the Haiku-os.org forum (eg an url which points to this bug tracker) I am unable to post any topic and replies due the spam filter.

comment:2 by cb88, 9 years ago

I can't post *anything* ... at all.

comment:3 by richienyhus, 9 years ago

I have lost all my forum moderator powers, so it looks like the Drupal modules used for anti-spam/moderating in the forum has changed.

I would rather we started using more modern forum software, rather than a bunch of random Drupal modules hacked together. Something like:

https://vanillaforums.com https://nodebb.org http://flarum.org

Last edited 9 years ago by richienyhus (previous) (diff)

comment:4 by pulkomandy, 9 years ago

While replacing the forum would fix the issue for it, we would still run into this problem for blog post comments and the like (unless we also replace those?)

Anyway, it can't be that hard to revert the spam filter to how it was before (more relaxed) and allow some false positive, which we can them manually "report as spam". IIRC waddlesplash made the changes to make the filter more restrictive, and now it is more nuisance than the spam itself.

comment:5 by cb88, 9 years ago

From what I understand this is mainly to combat bots... right?

Implementing a capcha + simple "is human" check works for 99% of all sites I ever go to... and most don't even need that.

in reply to:  4 comment:6 by richienyhus, 9 years ago

Replying to pulkomandy:

While replacing the forum would fix the issue for it, we would still run into this problem for blog post comments and the like (unless we also replace those?)

We can replace the comments for the blog posts with an embeded forum topic.

Plus they all have or are planning to have 'Ideation' (which is the perfect replacement for the old project glass elevator), 'Q&A' (stackexchange clone) and user support modules.

comment:7 by pulkomandy, 9 years ago

@richienyhus: there is also the problem of migrating all our data (10+ years of forum posts and blog comments) to such platforms, which makes this a not-so-easy switch. I'm not opposed to it, but it seems to be a long-term effort, and in the meantime we should at least keep the existing system running.

Probably a captcha at the "subscribe" level would filter most bots out, and then we could relax the post-by-post filter again.

comment:8 by Giova84, 8 years ago

In the last weeks I've been able to post url again inside the forum, but today I am unable again. This is very annoying: i can't take part to the forum activity: by reading this ticket I also see that some people are also totally unable to post at all. This ticket is rather old: no one can provide a fix?

comment:9 by umccullough, 8 years ago

It seems that in an attempt to "fix" spam issues we keep changing the modules and settings on the Drupal site.

We either need to accept a certain amount of spam (either by ignoring it, or having moderators constantly deleting it), or we can further restrict the site to the point where very little spam makes it through (it will always get through as long as we allow new users to register without administrator approval).

I would be happy to undo the current spam filtering modules and settings, but I have zero time to moderate. Over the years, it seems the number of website admins keeps diminishing to the point where we have only a few that actually do anything, and it is only reactive, not proactive. I had set up the previous solution(s) that were working fine for years... but they were all changed around a few months ago.

in reply to:  5 comment:10 by umccullough, 8 years ago

Replying to cb88:

From what I understand this is mainly to combat bots... right?

Implementing a capcha + simple "is human" check works for 99% of all sites I ever go to... and most don't even need that.

We did have Mollom (uses recaptcha selectively) setup to deal with suspected spam - but it still gets through.

Ultimately, spam is less "bot" these days and more "human" - meaning that there are people out there who are paid to do nothing but sign up on websites and post spam. They can bypass captchas most of the time - the only way to effectively stop them is to make them jump through many hoops.

The more hoops we put in the way, the more likely that people will be annoyed EVERY time they attempt to post. We could perhaps start creating a user level that doesn't require jumping through hoops, and have users bumped up to that level selectively by moderators, but again that requires people to actually do the moderation and administration, of which we have few willing to do so.

comment:11 by pulkomandy, 8 years ago

At some point we had spam getting through but a "report as spam" button (possibly only for some people?) on the posts. Then it was easy to click on that and make the spam posts disappear.

This is only reactive handling, but usually the posts would be deleted in minutes, which I think is ok, and less annoying than preventing some real users to post messages.

Is there some logging of what the spam filtering modules do? On Trac side I know there is, and we can usually see which of them gave a wrong karma to a valid post and adjust the settings accordingly.

in reply to:  11 ; comment:12 by humdinger, 8 years ago

Replying to pulkomandy:

At some point we had spam getting through but a "report as spam" button (possibly only for some people?) on the posts. Then it was easy to click on that and make the spam posts disappear.

That is still there in a way. It's now simply "delete", but I suspect still only visible to some roles.

This is only reactive handling, but usually the posts would be deleted in minutes, which I think is ok, and less annoying than preventing some real users to post messages.

+1. We could use more people with that spam-deleting-role, though.

in reply to:  12 comment:13 by Giova84, 8 years ago

Replying to humdinger:

Replying to pulkomandy:

At some point we had spam getting through but a "report as spam" button (possibly only for some people?) on the posts. Then it was easy to click on that and make the spam posts disappear.

That is still there in a way. It's now simply "delete", but I suspect still only visible to some roles.

This is only reactive handling, but usually the posts would be deleted in minutes, which I think is ok, and less annoying than preventing some real users to post messages.

+1. We could use more people with that spam-deleting-role, though.

I am often online, so personally I would be glad to give a contribution to the forum/community.

in reply to:  11 comment:14 by umccullough, 8 years ago

Replying to pulkomandy:

At some point we had spam getting through but a "report as spam" button (possibly only for some people?) on the posts. Then it was easy to click on that and make the spam posts disappear.

Yes, I recall that being available. I think that module was removed/replaced with a different one.

I am unsure what modules and functionality are currently enabled - I know our drupal install is lacking some updates, however, so perhaps this coming weekend if I have time, I will install updates and review the current setup to see what we're using.

comment:15 by richienyhus, 8 years ago

Should we try the "Retain the post for manual moderation" setting on this page?: https://www.haiku-os.org/admin/settings/mollom/manage/comment_form

Currently its is set to discard all comments identified as spam.

comment:16 by Giova84, 8 years ago

Currently I still see some real spam posts in the comment section of the following article ​https://www.haiku-os.org/blog/barrett/2016-07-15_streaming_support_and_mediakit_development_report_7#comments (the comment from the user zakbut, is a member since 1 day and he post spam links): while spammers (registered to the site since 1 day) are free to spam the website, in the meantine regular and long time users are unable to post on the site due the spam filter

comment:17 by Giova84, 8 years ago

There is another spam comment by the user zakbut: ​https://www.haiku-os.org/blog/barrett/2016-07-18_tales_video_editor#comment-34246 Sorry if i report this here, but there is no way, on the haiku website, to report spam and the contact form doesn't work at all: see ticket:12888

comment:18 by Giova84, 8 years ago

Today i received another message which has made me unable to post on the forum:

The spam filter installed on this site is currently unavailable.
Per site policy, we are unable to accept new submissions until
that problem is resolved. Please try resubmitting the form in a couple of minutes.

But I waited in vain.

comment:19 by edglex, 8 years ago

I have the same message as Giova84, and have not been able to post at all to the site for days. munchausen.

Version 0, edited 8 years ago by edglex (next)

comment:20 by kallisti5, 8 years ago

Mollom API keys	Network error
The Mollom servers could not be contacted. Please make sure that your web server can make outgoing HTTP requests.

It isn't the new spam system I set up. I disabled mallom because it plain sucked. I installed AntiSpam which includes recaptcha. *SOMEONE* then went in and re-enabled it and disabled AntiSpam. Now Mallom is broken and everything is on fire.

comment:21 by kallisti5, 8 years ago

I'm going to rip out all the spam prevention and re-add one. Stand by

comment:22 by edglex, 8 years ago

Yay, it works! Thanks kallisti5

Last edited 8 years ago by edglex (previous) (diff)

comment:23 by kainjow, 8 years ago

Seems like this is obsolete now with the new website and forums?

comment:24 by kallisti5, 8 years ago

Resolution: no change required
Status: newclosed
Note: See TracTickets for help on using tickets.