spam-prevention

I have a "contact us" form that uses Ajax (i.e. relies on asynchronous requests). In case the user has javascript disabled, I want to display a message, saying something like: You need to enable Javascript to use this contact form. If you can't, or don't know what Javascript is, then use your email and contact us at <the_email_address> . But of course, I want to hide the_email_address from spambots. Since this email address has to be displayed inside a <noscript> , it makes no sense to scramble it with Javascript, specially given the fact that some users may simply not even know what

Lately I'm starting to receive spam URLs into my forum software via URL shortener. In the past, they are easy to block by domain, but I can't exactly block the domain for URL shortener since I'm seeing some valid usage as well. Any best practice on how to manage these spam URLs (and spammers that are using it)? You could also do something like http://www.untiny.me/ when a post is submitted. Basically, send an HTTP request and capture the "HTTP 301" response. You can then examine the URL you're being redirected to and deny/allow based on your policy. For example: C:\>wget -O NUL http://tiny.pl

I am building a spam filter using the NLTK in Python. I now check for the occurances of words and use the NaiveBayesClassifier resulting in an accuracy of .98 and F measure for spam of .92 and for non-spam: 0.98. However when checking the documents in which my program errors I notice that a lot of spam that is classified as non-spam are very short messages. So I want to put the length of a document as a feature for the NaiveBayesClassifier. The problem is it now only handles binary values. Is there any other way to do this than for example say: length<100 =true/false? (p.s. I have build the

A wiki I maintain has been hit pretty hard by spam bots... we don't have a lot of users, and I'd rather not saddle the legitimate users with captcha. Is there a simple way to make registration confirmation go to an admin? I've looked through the manual, and haven't been able to figure out how to do it. You could create a new user right, e.g. "approved", allow admins to assign that right and restrict things like editing to only approved users, like this: // Disallow editing and uploading from anons and registered users $wgGroupPermissions['*']['edit'] = false; $wgGroupPermissions['user']['edit'

How to distinguish robots from normal user? How does SO do this job? Currently I'm met with a robot which post once every 1 hour... Try akismet as your first line of defense. Bad Behaviour is efficient too, perhaps too efficient, as i had issues with false positives. Akismet on the other hand serves me well. Then, if necessary, add other layers not impeding on the user experience, (like using empty fields that should remain empty) and then if you really have to, other techniques involving turing test of some sorts (captcha being the worst in terms of user friendliness: try simple questions

Hi we have just noticed a bunch of Nigerian spam accounts in our email system. Now, we do have a reCaptcha in the signup form but apparently they circumvent it, manually or otherwise. It seems like a semi-manual circumvention since the accounts aren't created in bulk but instead as a steady stream with a few minutes in between. Since most of the spam accounts were created by IP addresses from Nigeria, we have just set up some simple IP filters over a couple of pretty broad IP ranges and that seems to be working for now. However we would like to make a more permanent solution to this problem.

I have just stumbled upon Bad Behavior - a plugin for PHP that promises to detect spam and malicious crawlers by preventing them from accessing the site at all. Does something similar exist for ASP.NET and ASP.NET MVC? I am interested in blocking access to the site altogether, not in detecting spam after it was posted. EDIT: I am interested specifically in solutions that will detect access patterns to the site - these would prevent screen scraping the site as a whole, or at least make it a very slow process for the offender because the bot would have to act as a regular user in frequency of

Is there a way to check the score in an ASP.Net application? A class or something similar for .Net? How about other Spam Filters out there. --Edited I am looking for a way to check the spam score of the email messages in C#. Here is my super simplified "just check the score" code for connecting to a running Spam Assassin email check from C# which I wrote for http://elasticemail.com . Just setup SA to run on a server and set the access permissions. Then you can use this code to call it: public class SimpleSpamAssassin { public class RuleResult { public double Score = 0; public string Rule = "";