Hi everyone, We've been dealing with a bunch of SPAM on the Ask site over the last couple of weeks. We recently enabled moderation on user content in an attempt to stem the vandalism of the front page, and I've spent the last couple of days investigating some possibilities for the site. As you might expect, I haven't found any silver bullets, but I do have a few suggestions that can help us manage the problem.
Based on my research on the Askbot.org site, a number of SEO-driven spammers have taken to posting on Askbot sites. It's not clear what percentage of these postings are run by scripts, but it's my understanding that some of the spammers are using some form of automation. On the AskLibo site, we're seeing not only SPAM in questions, but we're seeing SPAM in _follow-up_ answers as well. These guys are organized, and probably aren't just going to go away. The Askbot software includes a few different mechanisms for dealing with spam and malicious users: - Content Deletion - User Bans/Blocks - Content Moderation - Registration Limitations - Akismet SPAM protection/detection Content Deletion and User Bans/Blocks are pretty straightforward. Mods, Admins, and some users with high karma may delete content from the site. Users with less karma may flag content. All users spamming the site are banned (it's been pretty cut-n-dry up to this point). Content Moderation entails all user content going into a queue that is reviewed by the mods and then accepted for the site or deleted. This is what we have enabled right now. Since we've enabled Content Moderation, the spam on the site has basically disappeared [1]. We've approved a lot of content by legitimate users, and we've banned and deleted a number of spammers/spam content. >From the moderator side, Manfred (@manj_k) and I both agree that enabling moderation has given us more work, since we want to make sure that content does not sit for long in the moderation queue. That being said, before moderation was enabled, SPAM would sometimes sit on the site for hours at a time, and I've heard multiple LO users/contributors refer to the site as a "SPAM pit" or "totally messed up". We've also run into some hiccups with the moderation interface which prevented us from actually being able to approve any questions. >From the user side, we've only gotten feedback from a few Ask users. Reception was mixed, with an overall feeling that moderation is an acceptable short-term solution, but needs a better long-term fix. One of the users suggested... (a perfect segue) ...Registration Limitations Other sites have used registration limitations to reduce/eliminate spam on their Askbot site. One mechanism suggested to us was to require our users to have an email address from a "paid" provider. That is, no gmail, yahoo, hotmail, etc... accounts would be allowed (at least not during registration). The suggestion is clever and powerful, and could probably serve as an excellent filter on spam, but my concern with such a proposal is that many legitimate users rely on a free provider for their email, and such an hard rule might discourage many of our meekest users from participating on the site and getting help from us. Next up in our quiver of features is Akismet SPAM protection/detection. I don't know too much about this product, but it's basically an external SPAM-filtering service. People rave about it on this wordpress page[2], and I've seen it in action on a Wordpress hosted blog. To quote Ron Popeil, you "set it and forget it". There are two possible issues with Akismet, (1) it ain't Free, and (2) it ain't free. (1) As a hosted, commercial solution, Akismet is running some proprietary software stack. So no Free/Libre/Open Source Software love here. (2) Akismet is free for (some) personal use, but costs something more in all other cases[3]. That might be $50/month, $100/month, or they might just be nice and give us some kind of discount. It's pretty nebulous here. I'm not sure whether (1) or (2) would preclude Akismet being used in the LO infrastructure, but I figured I'd include the software/service in the list and let someone else tell me the rules :-) --- That mostly sums-up what's present in the Askbot software *right now*. There are some other options that have been proposed for future development in Askbot including IP-based tools (Blocking by IP, User identification by IP, etc..), karma-based moderation, and group-based moderation. Some of these ideas are discussed on the Askbot site for Askbot[4]. I've asked a couple of questions on the Askbot.org site[5] and have received very prompt replies from the creator of the software, Evgeny Fadeev. One proposal I made was to allow mods to tweak the application of Content Moderation so that it only applies to a certain subgroup of users, for example: * All users with karma < MIN_KARMA_TO_SKIP_MODERATION * All users who are not in a group flagged to SKIP_MODERATION, or * All users whose account is younger than MIN_AGE_TO_SKIP_MODERATION I've had a couple of chats with Alex Werner, and he believed that we should be able to put the bulk of our users into a 'trusted' group so that they can skip moderation. He also insinuated that karma-based moderation might be available in a newer version of the Askbot software, and that we might be able to upgrade in the near future. As I said in the first paragraph, there's no silver bullet here...at least not *yet*. We can try out a new version of Askbot, test Akismet, or maybe make some local tweaks to our software. Most importantly, we've got the 4.0 release coming up very soon, and I'd really like the site to be ready to receive a bunch of new users and help answer their questions swiftly and professionally. For now, given that we don't have any way to bypass Content Moderation for our existing users and given that we've had some system instability with the moderation interface, I suggest that we disable Content Moderation. I'll try to check the site regularly, especially next week, and encourage all our users to flag SPAM early and often. Cheers, -- Robinson 'qubit' Tryon LibreOffice Ask site moderator [1] Side note: Due to some weirdness/bugs in the system, we've actually had to push content *through* the approval system before we can delete it, but it's only live on the site for a few seconds. Hopefully the latest version of askbot will fix that. [2] https://wordpress.org/extend/plugins/akismet/ [3] https://akismet.com/signup/ [4] http://askbot.org/en/questions/ [5] http://askbot.org/en/question/9882/is-it-possible-to-moderate-user-content-based-on-karma-or-other-factors/ -- Unsubscribe instructions: E-mail to website+h...@global.libreoffice.org Problems? http://www.libreoffice.org/get-help/mailing-lists/how-to-unsubscribe/ Posting guidelines + more: http://wiki.documentfoundation.org/Netiquette List archive: http://listarchives.libreoffice.org/global/website/ All messages sent to this list will be publicly archived and cannot be deleted