Can confirm that i also got a message.
Reported as well.
Posted under General
Got another one, deleted the message unfortunately, but I did chase the username first;
"kate9s452"
An invisible recaptcha has just been implemented at around 19:50Z, and so far there have been no new accounts with the name format that the spammer has been using. http://danbooru.donmai.us/users?page=a532407
The remaining spammer accounts are in the process of being banned, and assuming no false positive, will be deleted as well.
BrokenEagle98 said:
An invisible recaptcha has just been implemented at around 19:50Z, and so far there have been no new accounts with the name format that the spammer has been using. http://danbooru.donmai.us/users?page=a532407
The remaining spammer accounts are in the process of being banned, and assuming no false positive, will be deleted as well.
This goes up to page 14 of the current feedback pages.
Holy..
For those that want a visualization of the banning process in action, check out the CSS code in forum #120706. It puts a strike through the usernames of banned users.
Updated
SoulEvansEater said:
A lot of people have been suggesting a captcha, but they aren't nearly as effective as people think. They're frequently farmed out to sweatshops in third world countries to complete en-masse. If an attacker really wanted to register accounts, it would cost them a little money, but would be trivial to do.
Then how do you suggest that we make registration harder for spambots without compromising ease of use for legitimate users?
tapnek said:
Then how do you suggest that we make registration harder for spambots without compromising ease of use for legitimate users?
Why not simply implement a minimum account age required to send messages as a stopgap measure? I moderated /r/hentai on reddit and we dealt with advertisement / spam bots by simply enforcing a 7 day minimum account age before they were allowed to contribute ANYTHING.
PSYNtech said:
Why not simply implement a minimum account age required to send messages as a stopgap measure? I moderated /r/hentai on reddit and we dealt with advertisement / spam bots by simply enforcing a 7 day minimum account age before they were allowed to contribute ANYTHING.
That seems easily circumvented. Register account, wait seven days, spam a lot. This can be automated by simply saving the account creation time in a database and rotation accounts accordingly. I guess it did work for you, though, or you wouldn’t be mentioning it.
Edit: The alot is better than me at spelling.
Updated
kittey said:
That seems easily circumvented. Register account, wait seven days, spam a lot. This can be automated by simply saving the account creation time in a database and rotation accounts accordingly. I guess it did work for you, though, or you wouldn’t be mentioning it.
Edit: The alot is better than me at spelling.
I mentioned in the post that it would be a stopgap measure. For us, it allowed us to immediately filter out content on a subreddit level until the bots were banned by reddit itself. It would give albert x number of days to work on a more permanent solution while keeping the bots in check.
I remember that there was a similar complaint about someone making many sockpuppets to do edits. (And it wasn't even a spam bot attack, just a single user.) Having a one-week limit on using certain features isn't a significant threat, but it's at least a speedbump in the way of certain abusive users. At the very least, it requires abusive sockpuppet account makers to plan their attacks a week in advance, rather than just having a VPN allow them to make throw-away accounts on the spur of the moment.
astor said:
I got a bot as well:
How do I go about reporting this user or the message they sent me?
From the user page, hit the positive/negative/neutral link next to Feedback, then click New at the feedback page's menu bar. Mark it as a negative feedback and make sure to say it's spam in the body.
theadonicus said:
From the user page, hit the positive/negative/neutral link next to Feedback, then click New at the feedback page's menu bar. Mark it as a negative feedback and make sure to say it's spam in the body.
Member-level users aren't allowed to write user feedbacks. I'd say just contact a staff member and hope for the best.