We are all used to screening our email for the dreaded spam. Fake Rolex, dodgy pharmaceuticals, charming ladies who’d just love to meet us (why never charming gentlemen?!) and worst of all, naked photos. I had them all before my ISP smartened up its act – my mailbox is fairly clean now, and I’d guess that’s typical for most people.
Sadly the spammers are all too ingenious and started to look elsewhere for targets. Blogs and bulletin boards were a magnet.
I manage a bulletin board for an interest group. When it was set up, the brief was quite clear that although the discussions could be viewed by anyone, taking part was only for registered members, and only paid-up members of the society could be registered. Despite this, I am constantly having to delete attempts at signing up from usernames like “ffggdd” or “cheappills”. Barack Obama has tried to sign up twice now!
Why is it important to keep your board clear of spammers? I’m afraid I’ve seen a few boards that have been attacked and they quickly become nothing but a stream of adverts and links for all kinds of rubbish. Because the postings are often automated, it would be practically impossible to keep up manually deleting bad posts. Much better to keep them out in the first place.
So what to do?
I’m basing my comments on phpBB but you will find similar features in all good bulletin board systems.
Firstly, avoid allowing just anyone to sign up. Ensure that new applications are held in a moderation queue for checking. If you are planning on building a big community site where it would be impossible for you to single-handedly administer all registrations, make it a priority to enlist moderators who can do some of the screening for you. You could even charge a very small fee for joining – Amember is a good system for this. Anyone who is really interested will pay up, especially if you can give away some digital product at the same time.
Secondly, as you screen new members, use the “Whois” or IP lookup facility to check where the new members come from. If like me you are administering a site for a highly regional group, it will be clear that applications from Russia or the Netherlands or USA are not legit.
Thirdly, keep an eye on the discussions (this can also be farmed out to moderators). At the first sign of any unwelcome posting, don’t hesitate to block the member and add the related IP to a blocked list.
Fourthly, use a “CAPTCHA” of some kind to help screen out automated applications – not totally foolproof but will help. That’s where part of the sign-up process includes typing in disguised letters. In theory computers can’t recognise these, but they are getting cleverer so it doesn’t always work and there are a small number of genuine potential members who have problems distinguishing the type.
Above all, do keep an eye on your bulletin boards. If you’re running one because it’s your own interest, it sets a good example and helps keep things lively if you take part in discussions regularly. If you’re running one for someone else, you still need to watch what’s happening so you can stop problems early.
One of the saddest things I ever saw was a forum which was supposed to be for software support, totally ruined by spam postings. You would go in with some quite innocent question related to the software, and retreat feeling, well, contamintated, so horrible were the spam posts! Not pleasant, not professional, and most definitely not a good advert for your business or society.