MetaPhile: Signups need to be constrained

joeclark's picture

It should not be possible to register a new account and immediately post to Typophile. That’s how spammers (and students who want us to do their homework for them) get in.

Take a page from MetaFilter yet again:

  • You have to pay a lifetime fee of $5 when you register. There are no other fees and the fee cannot be refunded.
  • You have to wait a week after registration is complete (i.e., after Typophile receives your $5) to post a new topic.
  • You may, however, post a comment in a forum (e.g., an answer to a question) immediately after registration is complete.

If you don’t like this prospect, what’s your alternative? Nothing? That’s what we’ve got now and it has led, as “moderators” should have predicted, to spammers infiltrating this site. Retaining the current system guarantees more spam. Something has to be done, and the MetaFilter system is proven to work.

Bendy's picture

I think Type ID needs to be unrestricted at least.

Lex Kominek's picture

I think all signups need to be unrestricted. We shouldn't treat all potential users as spammers, just because a small percentage is.

- Lex

Florian Hardwig's picture

I agree with Lex.
That said: The register process used to include a CAPTCHA. It is gone now. I think this minimum obstacle should be reintroduced.

joeclark's picture

Spammers can handle CAPTCHAs quite well, Florian. It won’t solve the problem. Nor do I buy the idea that we’re just dealing with a couple of bad apples. Spam appears here on a weekly basis, or (let’s say) every 10 days.

Another advantage of constrained new memberships is it requires administrators to actually tend to the site, instead of letting spammers sign up and, one minute later, post unsolicited commercial messages to the site, which admins can take days to notice. Constrained memberships force admins to actually administer instead of being absentee landlords.

Quincunx's picture

The spammers are problematic, obviously, but I honestly don't know if constrained membership is the solution. It's possible that it works, but on the other hand it's also very possible you end up with a forum where hardly any new people are being introduced. Then it'll be a secluded elite clique. I don't think that is desired. It's probably better to try and see what happens if you install every method of countering bot-registrations - make it as difficult as possible - like CAPTCHA, e-mail verification, and so forth. I'm quite sure that Joe is right when he says some spammers can circumvent these precautions, but also that it will become too much of a hassle for spammers to continue?

hrant's picture

> Spammers can handle CAPTCHAs quite well

That's absolutely not true (you must have something against captchas for some other -probably pointless- reason). If it were true, hundreds of high-end sites would not be relying so heavily on it. I've only seen one trick that tries to get around captchas - it was very devious, but has now disappeared, surely for good reason (probably because a captcha-using site can simply stop allowing an image referral on a captcha).

Having a captcha for creating an account is a good -and sufficient- idea.

hhp

kentlew's picture

I’m not sure if there’s a different definition of “e-mail verification,” but Typophile currently requires a valid e-mail upon sign-up, where it then sends an automated message with a random password for first-time log-ons.

What I’ve noticed (in the course of janitorial service) is that a lot of spammers use disposable e-mail services like yopmail and mailinator to get through that barrier.

I don’t know if that sort of e-mail thing is automate-able for a spam-bot. If not, then there are real people spamming the system. In which case, a CAPTCHA will do little good.

On the other hand, adding a CAPTCHA probably couldn’t hurt.

hrant's picture

Real people are very rarely the problem.

hhp

Quincunx's picture

kentlew: I have no idea if bots can 'use' an e-mail verification system (or.. well, I wouldn't be surprised if they can). But if they are human spammers, adding CAPTCHA just adds one more step they have to go through. I doubt they are human spammers, but if they are, then adding another step might make signing up just for spamming too much of a hassle.

hrant's picture

Especially if we use NotCaslon.

hhp

Syndicate content Syndicate content