We've all seen the spammers kicking old threads every once in a while. Usually the devmaster staff is able to remove the post in a reasonable timeframe, but I was wondering if anything can be done to prevent it from happening altogether.
Before going further, I would like point out that whether we _should_ do anything to prevent spamming is another question altogether. I don't see that much spamming here to the level that it is unworkable, and the time taken to implement any anti-spamming scheme might outweigh the actual discomfort that the spammers are giving us. Yet, I think anti spamming techniques are an interesting subject, which is one of the reasons why I'm opening this topic. So please, keep an open mind .
When analysing some of the spam messages, I noticed some things.
- The threads posted to are mostly not recent. The IDs seem particularly random. This makes it look automated.
- The posts are made in quick succession, with about 2 or 3 posts per minute.
- The posts are obviously not related to the thread, nor even to game development in general, and always contain one or more links to other sites. Although this information probably can't be used without being able to semantically parse forum posts, which is completely different topic of research
Now, even though the posting itself seems automated, I wonder whether that also applies to creating the actual account. The registration procedure contains a captcha (although that doesn't necessarily mean it can't be "broken"), and the recent spammers seem to have taken the liberty to enter at least *some* data in the optional personal info fiels.
Of course, I have no data on the actual time spent on the different pages before registering, during registering and during posting, but I doubt that much of the spammer(bot)s have actually read some topics before creating an account or posting to it. So maybe we can come up with a scheme to keep the spammers at bay, with minimum impact on genuine users. And I don't think I need to stress that minimum impact on genuine users is a very important factor.
- You can only register an account after having spent 10 minutes on devmaster browsing at least one topic.
- For the first few posts, you can only post to a topic after having spent a few (say, 4) minutes in that topic.
- For the first few posts, you are not allowed to kick multiple threads older than a month.
- For the first few posts, or perhaps in general, limit the number of posts per timeframe that a user may post, unless that post is in a thread where the user already recently posted
These rules should be easy enough to implement, and accompanied with friendly error messages it would not bother the occasional new user who is a little too enthousiastic in his posting much. Of course, such rules can be easily bypassed. The question is whether it is feasible for the spammers to actually bypass them. We're not a very big community, and most spam posts are not really targeted at typical devmaster audience. Probably the only reason we get spammed in the first place is because devmaster is using a popular bulletin board system.