On 23 May 2013 11:15, Peter Saint-Andre <[email protected]> wrote: > At jabber.org, we turned off in-band registration and forced all users > to register via https://register.jabber.org/ with CAPTCHA required. > That did not really prevent spam registrations (at one point we had > over 10,000 users that we suspected of sending spammy invites to > Google Talk users).
IMHO, forcing CAPTCHA-protected in-band registration instead of web-based one is more effective _temporary_ measure, since HTTP is much more widespread and there's more readily-available instrumentation for automating account registrations. But, again, it's only temporary measure and effective only while spammers have not created efficient tools to bypass it. Email-based account activation also won't help a lot, since it's not hard to run own SMTP server. All this makes me think that anything which deals only with registration, but not actual account activity, won't be effective as a long-term solution. -- Best regards, Maxim
