What to do about spam on diary / user pages

Posted by lyx on 5 March 2010 in English (English)

In the last couple of weeks there has been an apparent increase in spam entries on the diary and user pages. I'm under the impression that spammers are "testing" the community at the moment, checking how long a spam stays alive depending on it just being spam, containing some map related content, if the spammer claims to be female, if a location is given, etc.
Most of the spams appear to be handcrafted, so tools to keep out automated spams will not help much. So lets think about what the spammers hope to gain: The number of potential victims in the OSM community that might buy spamvertized products appears to small to make much profit for the spammers, so they are probably after something else. My guess is that spammers try to boost their page rank by creating links from this trusted community site to their pages, so they are placed better in search engine results.
I suggest to change the site software so that users can only create links to some whitelisted websites on their diary and user pages. All other urls in those pages would only be displayed as text, so any interested reader could still copy/paste them in his browser address bar to view the page, but there would not be a clickable link.

Comment from JohnSmith on 5 March 2010 at 21:05

Links can also be marked as rel=nofollow so that search engines ignore them, and I thought these were added to diary entries already.

Hide this comment

Comment from lyx on 5 March 2010 at 21:16

Thanks for the info, I didn't know about that feature. rel=nofollow is indeed set on links in diary pages, so it should just be set in user profile pages as well.

Hide this comment

Comment from TomH on 5 March 2010 at 22:23

It is set on user profile pages! All user submitted links get the rel=nofollow treatment. There is one way round it at the moment that I need to fix but it needs some work.

Hide this comment

Comment from lyx on 5 March 2010 at 23:00

I had just looked at the latest spam suspect (user Jhorell) and didn't see a rel=nofollow, so I assumed no measures would be in place. It appears that the "way round" is well known to spammers already.

Hide this comment

Comment from lyx on 5 March 2010 at 23:15

Just had a quick check: The rel=nofollow is also missing on most of the spam diary pages, so the "way around it" seems to work there as well. Is the "way round" sufficiently unusual that we can assume no one uses it accidentally? This would hint that all links without the nofollow attribute are indeed created by spammers. This would include quite some entries where the users have denied being spammers; and that would support the theory that spammers are currently checking out how they have the most success here.

Hide this comment

Comment from drlizau on 6 March 2010 at 04:05

I marked biorezonanta diary entry as spam, and got a PM back to tell me it wasn't spam, it was "free speech".
The entry is still there for those who would like to form their own opinion.
I would suggest that all new diary users be moderated.
No explanation needed for those that would be dropped.

Hide this comment

Comment from marcschneider on 6 March 2010 at 06:11

the ideas with nofollow and creating links to white-listed pages and so on are all nice, but they don't solve the problem that users can post whatever they want and nobody does something about it if content is not appropriate. that's in the end a conceptual problem of the software and of our community.

I like the idea of moderating content, on some sort of common sense our community clearly has. but who moderates them? who does it currently? is there a list containing people that have administration/moderation rights? how can one apply for this job? such a system works only if we have enough (and trustworthy) people doing it and if everybody knows how it works. and thats missing: I still have to comment "SPAM" and hope that someone sees it and does something about it. the other system would be some sort of voting system: if 10 people mark the entry as spam, it gets hidden. if that happens x times, the user gets blocked automatically. an administrator than has to check it and eventually can delete the user and his content. votes shouldn't be anonymous (moderators should see who reported a given message) so the system doesn't get abused in some "political" discussion (I doubt our users would behave in a such childish way, but better be sure...).

I definitely like the first idea better, since it is a common way of handling spam problems in communities (forums, wikipedia etc.). The first system combined with a "report as spam"-button (email notification to moderators) and the traditional anti-spambot-measures used everywhere should be the best solution to handle the problem. and I clearly can't see any reason why such a system hasn't been integrated a long time ago. the spam problem isn't new at all and I'm someway disappointed that "nothing" has been done so far. I think there are currently enough trustworthy netheads in our community that can help to check and eventually moderate reported entries. if spamers see our community is moderated and spam gets deleted within minutes, they eventually lose interest.

Hide this comment

Comment from robert on 6 March 2010 at 15:25

There is also currently no easy obvious way of monitoring new users who don't post diary entries. These users can spam from their user pages without being noticed. There is also no easy way of flagging such a user as spam.

Hide this comment

Leave a comment

Parsed with Markdown

  • Headings

    # Heading
    ## Subheading

  • Unordered list

    * First item
    * Second item

  • Ordered list

    1. First item
    2. Second item

  • Link

  • Image

    ![Alt text](URL)

Login to leave a comment