Stopforumspam is great, but most MyBB plugins don't check in retrospect. The checking is done at registration level instead of post level to avoid hitting stopforumspam lookup limits. Here is what happens:
1. Unknown spammer signs up on several forums
2. A few days later, the user starts spamming on all forums
3. Stopforumspam can't do anything, as there are no additional checks
Ideally, you run a scheduled task every few hours that queries the IP/emailaddress of all users that registered less than 4 days ago and then bans them and clears their signature. This will eliminate most spam.
Check it for yourself. Throw the IP/mail of someone that spammed your forum in the stopforumspam.com lookup field. You'll see that stopforumspam knows it, but because it's only checked at registration, it isn't caught.
The problem is that it seems the SFS infrastructure is highly inadequate and judging by the logs people are posing in my plugin thread they get overloaded a lot. Having more routine checks would probably make this problem worse, especially on large sites.
Nonetheless, I'll consider implementing something similar in
My Spam Ninja which maybe staggers checks to reduce load on the SFS servers. That plugin will also have an extensible filtering interface so new modules for sites similar to SFS can easily be integrated, unfortunately at the moment there doesn't seem to be anything similar with better server infrastructure but seeing as Spam databases seem to be the only thing effective against human spammer, unfortunately these databases will probably end up like PeerGuardian and cause more harm then good.
* Alex Smith says the best solution is just to make him a mod 
.
* Alex Smith is just kidding incase people don't know.
Well what about a paid option? I mean it could be a way to drive up donations at the same time
.
I only know of
http://mollom.com/ but I'm sure there are others.
http://community.mybb.com/user-42959.html
How often do you have a spammer who actually posts productive posts? If the typical activity of spam accounts were considered (what they do, do they post?, editing user cp info), a good solution can be reached. While some options won't prevent spammers from registering, it can help prevent them from setting up their profile and gives mods and admins an idea of who to target.
Things to consider:
minimum post limit must be met before editing user cp details (homepage, signature, bio)
minimum online time must be met editing user cp data
(2011-04-30, 07:41 AM)Malcolm. Wrote: [ -> ] (2011-04-30, 02:09 AM)pyridine Wrote: [ -> ]www.cloudflare.com Blocks known spambots at DNS level. But I'd assume it's something Chris would have to decide on/activate. Personally, I love it.
The thing with Cloudflare, is that it's not 100% reliable. It blocks known spambots, botnets, etc...
but these are human spammers we are talking about. It's almost impossible to tell who is here to spam, and who is here to post.
We should actually challenge a number of human spammers as well (the data sources are not only for spam bots and the like).
One cool thing I would like to highlight is that you can
report spam back to us via the API now, which means you help protect other admins from spam by reporting them back to our system.
Given my background running forums as well, it is quite well-known that a bunch of spam originates from places like Russia and China. If you really have no need for visitors from that region, you could always put a block in your CloudFlare threat control for those regions so all visitors would see the captcha & would have to enter it before hitting your site.
You might also consider making new threads and replies require moderation for a certain length of time.
But then how would community members be able to help the user if they're legitimate?
Bad idea.
In the end this is a pointless debate. The spam isn't so much that the Staff can't take care of it within 24 hours at most. The GoodbyeSpammer plugin makes this a very simple process, and lets us ditch both the bots that make it past the checks, and the humans too.
As always, the best way to prevent bot registrations is with registration questions like this:
Q. How much dirt is in a 3'x6'x6' hole?
A. None (or 0, or zero, etc...)
Sadly, many humans fail this particular question as well because they don't actually use their heads... but thats another issue entirely. There are many more questions similar to this.
On the forums for my
MUD, I used questions related to the game itself. This worked quite well, since only a player would be able to answer them, and thats the only people I wanted on the forum anyways. I later required that they input the username & password of their primary MUD character as part of registration and checked that against the game database. Too bad this was all several years ago before I ever found MyBB... I was stuck with phpBB 2.0.22 (I had started with 2.0.17), and I hated it
If you think spam is bad on MyBB, you've obviously never ran a phpBB2 forum!
(2011-05-06, 04:35 AM)Dylan M. Wrote: [ -> ]Sadly, many humans fail this particular question as well because they don't actually use their heads... but thats another issue entirely. There are many more questions similar to this.
I believe it's not to sad if such people had to stay out of my forum. *scnr*
I require activation before posting, so I get thousands of unactivated users
*SQL time
*