OpenStreetMap logo OpenStreetMap

dźenik wužiwarja alexkemp

Latest Spam

Spisany wot alexkemp dnja 26 July 2016 w rěči English.

The world is discovering how easy it is to spam OSM. These are the latest:

(gone spam 1) …leading to an inspiring talk on “Become a Respected Leader of the Good and Easy” (zero application to OSM; just more spam)

(gone spam2) …leading to an inspiring webpage on Jeep - it’s natural agate (Round trips organized fun days possible integration of ATV trips rural romantic campfire meals around the campfire gourmet meals)

(many thanks to admin + mods for removing these users)

Email icon Bluesky Icon Facebook Icon LinkedIn Icon Mastodon Icon Telegram Icon X Icon

Diskusija

Komentar wot Piskvor spisany dnja 26. July 2016 14:32

Well, the question is - what to do? CAPTCHAs? I fear that the spam is made by mechanized humans, so traditional methods wouldn’t be effective.

Komentar wot alexkemp spisany dnja 26. July 2016 16:08

Hi @Piskvor

It is fully possible. I’m a Mod at SFS & it operates a crowd-sourced system that stops 99.9% of spammers dead. The human-mediated spammers can usually get through, but only once. The problem is that it will need custom-built changes to the Diary pages, and my time is solid with surveying whilst the sun shines.

Komentar wot Warin61 spisany dnja 27. July 2016 06:01

Most spammers will; not have any edits … only make the one dairy entry …

Human moderation of the first post would probably get most of them … but in terms of work/benefit in OSM ?

Komentar wot alexkemp spisany dnja 27. July 2016 11:58

@Warin61: if fully implemented it requires a push-button for each post/comment (“Report as Spam”) + a similar procedure to confirm the report from a Mod/Admin. All known spammers are auto-stopped from Registering (that is the 99.9%) + each Admin-confirmed report puts that spammer into a DB as a known spammer. The amount of human intervention required is minimal compared to the number of attempts.

What I’m about to say is drawn from 12 years of running a website + ~8 years of being a mod on StopForumSpam:

  1. Implement a firewall (iptables under Linux) + db-server (I used MySQL)
  2. Implement a RBL (IP blacklist) in conjunction with the firewall + server-DB
    (tornevall operates a good one)
    (other RBL also exist)
  3. Implement email+usename checks via StopForumSpam (SFS)

The above requires local caching within the DB of remotely-obtained data to prevent undue strain upon the remote servers. RBL checks are via the well-understood DNS TXT mechanism (this is all from memory, so expect some mistakes) whilst SFS provides an API.

The above mechanism stopped ALL bot spam on my site (it was otherwise thousands daily). The only spam that could get through was human-mediated spam, and that was only the first time (worldwide, any SFS-protected site). Once reported to SFS that spammer is in the SFS DB & any site that makes use of SFS is protected.

Komentar wot naoliv spisany dnja 28. July 2016 14:59

There is https://github.com/openstreetmap/openstreetmap-website/issues/841

Přizjewić, zo by komentar spisał(a)