¿ªÔÆÌåÓý

  1. GroupManagersForum
  2. Topics

spam prevention for discussion lists

 

I'm about to create a discussion list (receive-only emails) for our user group.? I can set the moderation level to N approved posts before a member can post unmoderated.
But I'm concerned spammers will just create (huge numbers of) dummy email addresses in an attempt to post.

Any advice appreciated.
 

On Thu, Jan 17, 2019 at 01:39 PM, Frank Greco wrote:
I can set the moderation level to N approved posts before a member can post unmoderated.
But I'm concerned spammers will just create (huge numbers of) dummy email addresses in an attempt to post.
Any email address must receive a message from groups.io and?respond to it?before it is allowed to post.?Dummy addresses of the kind you mention will be stuck in "Not Confirmed" status in your group indefinitely, and you can purge them at your leisure. See?/g/GroupManagersForum/wiki/Status-Badges-in-the-Members-List?for details.

Existing account holders also receive a new confirmation email whenever they change their email address.

In the unlikely event that a spammer does get through, you can ban them. Premium groups can ban entire domains.

Hope this helps,
Bruce
--
The system Help is your friend.??/static/help
 

Thanks Bruce.

I'm just concerned I'll be spending an hour once a week purging spammer submissions.? ?I already do this with our WP website and its just a pain with hundreds of them.
Can we have some sort of delayed purge, that is, if a user is not approved after NN days, its auto-purged?

Frank

On Thu, Jan 17, 2019 at 1:59 PM Bruce Bowman <bruce.bowman@...> wrote:
On Thu, Jan 17, 2019 at 01:39 PM, Frank Greco wrote:
I can set the moderation level to N approved posts before a member can post unmoderated.
But I'm concerned spammers will just create (huge numbers of) dummy email addresses in an attempt to post.
Any email address must receive a message from and?respond to it?before it is allowed to post.?Dummy addresses of the kind you mention will be stuck in "Not Confirmed" status in your group indefinitely, and you can purge them at your leisure. See?/g/GroupManagersForum/wiki/Status-Badges-in-the-Members-List?for details.

Existing account holders also receive a new confirmation email whenever they change their email address.

In the unlikely event that a spammer does get through, you can ban them. Premium groups can ban entire domains.

Hope this helps,
Bruce
--
The system Help is your friend.??/static/help



--

Frank Greco
?(t) ? (g) 732-639-0990
 

I'm not sure what kind of list you will be running and why you think it will attract hordes of spammers. I don't say it never happens, but I've been running several email lists for over 20 years and I've only had one subscriber in all that time who I thought was a spammer and who I banned. There have been another half-dozen or so who I think had their emails spoofed and who I then put on moderation and that solved the problem.

I just don't see this as being an issue. Subscription requests have to be approved and then new subscribers are on moderation for their first 1 or more messages. A spammer would have to be very dedicated and spend a lot of time and effort on just your email list in order to get to the point where it would be possible to send any spam to the list. I can't see that as being cost effective for a spammer.

Jonathan

[excessive quote trimmed by Moderator]
 

Hi Jonathan,

Before our group instituted a Captcha V2 on our WP website, we got hundreds of email addresses per week in our database that were obviously programmatically generated.
It was a major headache for us to regularly purge our DB.? Just wanted to know if Groups had any anti-spammer procedures to offset that.

An auto-purge after N days would be fairly easy to implement I would guess.

Frank

On Thu, Jan 17, 2019 at 3:06 PM Jonathan Sivier <jsivier@...> wrote:
? ? I'm not sure what kind of list you will be running and why you think
it will attract hordes of spammers.? I don't say it never happens, but
I've been running several email lists for over 20 years and I've only
had one subscriber in all that time who I thought was a spammer and who
I banned.? There have been another half-dozen or so who I think had
their emails spoofed and who I then put on moderation and that solved
the problem.

? ? I just don't see this as being an issue.? Subscription requests have
to be approved and then new subscribers are on moderation for their
first 1 or more messages.? A spammer would have to be very dedicated and
spend a lot of time and effort on just your email list in order to get
to the point where it would be possible to send any spam to the list.? I
can't see that as being cost effective for a spammer.

Jonathan

[excessive quote trimmed by Moderator]





--

Frank Greco
?(t) ? (g) 732-639-0990
 

On Thu, Jan 17, 2019 at 02:47 PM, Frank Greco wrote:
I'm just concerned I'll be spending an hour once a week purging spammer submissions.? ?I already do this with our WP website and its just a pain with hundreds of them.
In the year that I've been involved with groups.io, I don't recall seeing any inquiries along these lines in GMF. Your mileage may vary, void where prohibited, objects in mirror may be closer than they appear.

Can we have some sort of delayed purge, that is, if a user is not approved after NN days, its auto-purged?
Pending subscriptions older than two weeks are automatically deleted (ref:?). Those in Pending and Not Confirmed status are also conveniently displayed on a separate, "Pending Approval" page in the member's list so they can be deleted earlier if desired.

Regards,
Bruce
--
The system Help is your friend.??/static/help
 
Edited

Is your group unrestricted?? that type typically has issues since looneys can join at will
--

Bob Bellizzi

Founder, Fuchs Friends??
Founder & Executive Director,?
 

We use a form on our web pages that allows people to request a subscription to our list. You can get the code from the Promote page under the Admin features. I don't think it has any specific security features built in, but we haven't seen any attempts to join programmatically. The code displays a window where people can enter their email address and a button they need to press to request to join the list. Of course, they then have to be approved by a moderator. We had a similar device for our Yahoo list before we moved to Groups.io. We never had any problems with that either.

Jonathan

On 1/17/2019 2:35 PM, Frank Greco wrote:
Hi Jonathan,
Before our group instituted a Captcha V2 on our WP website, we got hundreds of email addresses per week in our database that were obviously programmatically generated.
It was a major headache for us to regularly purge our DB.? Just wanted to know if Groups had any anti-spammer procedures to offset that.
An auto-purge after N days would be fairly easy to implement I would guess.
Frank

[excess quote trimmed by Moderator]
 

Frank,

But I'm concerned spammers will just create (huge numbers of) dummy
email addresses in an attempt to post.
Unless you set your group to allow non-subscribers to post the first hurdle for spammer would be joining your group. The bulk spammers won't bother, in my experience it is pretty rare to find one who will go to that trouble. Even on a large group with unrestricted membership.

If you do allow non-subscribers to post those messages are always put in the moderation queue, so at worst you'd have to reject them when they happen. I've a couple of groups set this way, the larger one has picked up a recurring spammer trying to sell a related service but so far that comes in only once or twice week, so no big deal to delete from the pending queue.

I'm about to create a discussion list (receive-only emails) for our
user group. I can set the moderation level to N approved posts before
a member can post unmoderated.
That's also a good way to thwart spammers, those few who bother to join your group.

Shal


--
Help: /static/help
More Help: /g/GroupManagersForum/wiki
Even More Help: Search button at the top of Messages list

1 - 9 of 9