[Solved] Temporarily closed signups because of spam signups

Ruud@lemmy.worldmod to Lemmy.World Announcements@lemmy.world – 91 points –

So some spam signups just happened (all username12345678@gmail.com format e-mail) This caused bounced mail to increase, causing Mailgun to block our domain to prevent it getting blacklisted.

So:

  • Mail temporarily doesn't work
  • I closed signups for now
  • I will ban the spam accounts
  • I will check how to prevent (maybe approval required again?)

Stay tuned.

Edit: so apparently there is a captcha option which I now enabled. Let's see if this prevents spam. Registrations open again.

Edit2 : Hmm Mailgun isn't that fast in unblocking the domain. Closing signups again because validation mails aren't sent

Edit 3: I convinced Mailgun to lift the block. Signups open again.

62

You are viewing a single comment

I solved this problem once. What you do is have a custom captcha that you code yourself. It can be as simple as "What is 2+3?" and have 10-20 questions that you rotate between. Most spammers will be too lazy to update their spambot.

Don't just include it as text though. Rather, present the question as text in a picture.

This is very effective but also blocks people who spend on screen readers

The solution there is to provide a voice over of the captcha.

I made one that phrased it as "The sum of 2 and 3". Weeds out bots and less sophisticated people.

fwiw - there's always an arms race between spammers and people trying to not get spammed. It's often better to use off-the-shelf captcha's or something as there are people who are able to put a LOT MORE resources into it (like Google, who has billions of dollars on the line to prevent ad-fraud and identify bots)

I used a custom captcha for my personal WordPress blog. It eliminated all the spam. (Fun fact: The spammers know how to work around most anti-spam WordPress plugins. If you roll your own, they aren't going to update their spambot for one blog.)

I also used a custom captcha at work. We couldn't use 3rd party filters because it was marking our customers' comments as spam! The custom captcha also eliminated all the spam.

There's also a problem with using 3rd party spam services. You have to give them all your data. You also usually have to pay for it, which can be a problem when you're working for people with a tiny budget.