Reply moderation

Is the spam problem really so bad we need a full-on premoderation? I know there are antispam phpBB plugins, I can even take care of the paid ones.

We already use one of them but it isn’t perfect, a decent number of spammers still get through. Moderation of each user’s first post has proven useful and usually doesn’t take too long.

It’s one of those things, isn’t it? If the system works, then you don’t see any spam; if you don’t see any spam, you end up asking whether we do need the system.

We’ve had some spammy times in the past, so I for one kinda think first post pre-moderation is one of the best ways to prevent it. It’s certainly better than autoblocking IPs, or whatever, which can result in the occasional false negatives and block non-spammers.

I don’t ask if we need antispam protection, everyone knows it’s the blight of internet. Especially on phpbb engine because bots know it very well.

I just hate waiting a day before my posts get approved. The forum life is slow enough, and premoderation makes it even slower.

Do you know that this problem is already solved? We are genuine users here, we have already proved we’re not spambots or harmful humans. So there are several ways we can be shielded from spam. If a bot can’t register, it can’t post. If a forum has some custom rules to register, a bot can’t guess them.

  • A captcha plugin. Effective against bots. Ineffective agains humans paid to spam. Every default captcha phpBB plugin is cracked for several years now, complete rubbish. Use non-default solution.
  • Create a custom field on registration to filter common spambots. Less effective than a custom captcha.
  • Advanced Block MOD - checks every new registration against several lists of known spammers. Effective but it’s only a supplement solution, not a main one.
  • CleanTalk - paid cloud antispam service, about $2 per year. Checks everything against list of spammers, language filters, common topics on forum (to see if the message is relevant). Rehauls registration. A good ready-to-go solution with no captchas.
  • Double activation. Every time a user wants to register, he needs to be approved by an admin. It is very effective but slows down registrations a bit.

Seriously: do you know why spammers are VERY good at lockpicking phpBB forums? Because default solutions are trash and every bot already knows how to beat the rules before it gets here. Even a customized Q&A is nothing against spammer humans and bots can guess the answer eventually.

We’re basically using double activation as it is. Only the first post by each new user needs to be approved, which tends to show us whether it’s spam or not. Now that you’re approved you can post all you like without more premoderation. (Of course that’s not meant to be an invitation to start posting spam everywhere. :stuck_out_tongue: )

We should update to a newer major version of phpBB, which would help for countering spam, as the plugins we use now aren’t ideal. But our systems work well in general, and you’ll usually only have to wait at most a couple of hours before your first post gets approved.

There’s been a lot of one-shot spamming. That is, someone signs up and immediately posts spam. It only ever gets seen by the mods. It still is annoying.

Given that this only happens with the first post, and from then on it’s smooth sailing, surely having to wait a day (at the very most!) before your first post appears is not that big of a deal?..

To be honest, the sort of user who can’t wait a few hours for their first post to come through moderation is usually not the sort of user interested in IF anyway.

I think maybe part of the issue is that when Oreolek said “full-on premoderation,” s/he may have meant premoderation of every post, which we don’t have. Everyone else interpreted as premoderation of the first post, which we do have.

So… keep posting, Oreolek! You should be good now.



Sorry about that, then.