Posted 22 March 2010 - 04:11 AM
Posted 22 March 2010 - 04:21 AM
Well spam is spam. We had little spam here before, no big deal yet. As you can see re-captcha is used on register-page, that will/should block all auto-spammers. The thread in question was obviously created by a human. So all we can do is marking those threads as spam, then they get deleted.
Posted 22 March 2010 - 04:41 AM
Well I for example have dynamic ip. Every 24 hours I get new ip or I can request a new one by reconnecting to the internet. That would mean to block me, you would have to ban a whole ip range 84.128.***.***. That means you would probably block others as well. Also I could just use a proxy-server to signup here and then post something (with completely different ip). Another problem is that some users use a global proxy (for example from AOL) and they have same ip address as well.
The captcha on signup-page is enough. You can't do anything against threads started by humans except deleting.
Posted 28 March 2010 - 09:08 PM
I was going to suggest you remove the re-captcha on the registration page but looks like my timing is probably off. Not the time to convince people that captcha as a technique is useless as security unless it is completely unusable by a human and just gives a false sense of security. It is far better to use a behavioural approach especially as you already require registration and email confirmation. An example would be limiting functionality for new users like max 3 posts per day.