Logotip de l'OpenStreetMap OpenStreetMap

Diari de alexkemp

Latest Spam

Publicat per alexkemp el 26 Juliol 2016 en English.

The world is discovering how easy it is to spam OSM. These are the latest:

(gone spam 1) …leading to an inspiring talk on “Become a Respected Leader of the Good and Easy” (zero application to OSM; just more spam)

(gone spam2) …leading to an inspiring webpage on Jeep - it’s natural agate (Round trips organized fun days possible integration of ATV trips rural romantic campfire meals around the campfire gourmet meals)

(many thanks to admin + mods for removing these users)

Icona de correu electrònic Icona de Bluesky Facebook Icon Icona de LinkedIn Icona de Mastodon Icona de Telegram Icona de X

Discussió

Comentari de Piskvor el 26 Juliol 2016 a les 14.32

Well, the question is - what to do? CAPTCHAs? I fear that the spam is made by mechanized humans, so traditional methods wouldn’t be effective.

Comentari de alexkemp el 26 Juliol 2016 a les 16.08

Hi @Piskvor

It is fully possible. I’m a Mod at SFS & it operates a crowd-sourced system that stops 99.9% of spammers dead. The human-mediated spammers can usually get through, but only once. The problem is that it will need custom-built changes to the Diary pages, and my time is solid with surveying whilst the sun shines.

Comentari de Warin61 el 27 Juliol 2016 a les 06.01

Most spammers will; not have any edits … only make the one dairy entry …

Human moderation of the first post would probably get most of them … but in terms of work/benefit in OSM ?

Comentari de alexkemp el 27 Juliol 2016 a les 11.58

@Warin61: if fully implemented it requires a push-button for each post/comment (“Report as Spam”) + a similar procedure to confirm the report from a Mod/Admin. All known spammers are auto-stopped from Registering (that is the 99.9%) + each Admin-confirmed report puts that spammer into a DB as a known spammer. The amount of human intervention required is minimal compared to the number of attempts.

What I’m about to say is drawn from 12 years of running a website + ~8 years of being a mod on StopForumSpam:

  1. Implement a firewall (iptables under Linux) + db-server (I used MySQL)
  2. Implement a RBL (IP blacklist) in conjunction with the firewall + server-DB
    (tornevall operates a good one)
    (other RBL also exist)
  3. Implement email+usename checks via StopForumSpam (SFS)

The above requires local caching within the DB of remotely-obtained data to prevent undue strain upon the remote servers. RBL checks are via the well-understood DNS TXT mechanism (this is all from memory, so expect some mistakes) whilst SFS provides an API.

The above mechanism stopped ALL bot spam on my site (it was otherwise thousands daily). The only spam that could get through was human-mediated spam, and that was only the first time (worldwide, any SFS-protected site). Once reported to SFS that spammer is in the SFS DB & any site that makes use of SFS is protected.

Comentari de naoliv el 28 Juliol 2016 a les 14.59

There is https://github.com/openstreetmap/openstreetmap-website/issues/841

Inicia sessió per a fer un comentari