BuddyPress.org

@pisanojm you raise some very valid points about spamming over here… but tell me, why is it that you chose to avoid the “confirmation email link” option… its a sureshot way of overcoming most of the automated spam-bots out there… yes, you can still have manual registrations who want to mess with your site… but this is something we just have to deal with.

Max we as admin can do is to spot the bad guys (community flagging), and delete there stuff as well as bar them from registering again… atleast thats my opinion.

Sid.

Here is a recap of some posts I posted at http://buddydev.com recently:

I use Bp-Cosmic-Pro Theme built of of bp-mag and have about one spam registration per couple of weeks (and it’s usually a real person that registers and gets through)… They are caught within minutes of posting something ridiculous and marked as spammers by the admins.

There are a number of reasons for that:

1. It’s a closed/ register only site (but free to all), (note: I do not require e-mail validation either)
2. I use BuddyPress Humanity Anti-Spam Plugin
3. I use Si-Captcha Anti-Spam
3. Multiple Profile fields are required to be filled-in at registration as an ANTI-SPAM measure – in part.
4. I have a TERMS and use that Requires THE CHECKING of a box to register.
5. I use the bad behavior plugin to keep out the crazies and use the Blocking-list feature of it.

Occasionally, I get the I can’t register e-mail, but it is rare and there is a note for people to contact me if they can’t register properly… I have 1700 active (non-spam users) on my site and virtually no SPAM.

I believe one of the keys to success here is that it is a “private site” and as such it’s not indexed (I realize this could be a problem for many sites, but not my niche site). So, sites don’t scrape it as a potential source to attack.

I would also recommend the ANIMAL BuddyPress Captcha plugin.

*****************************

I usually think about SPAM protection in the form of a Castle for open community WordPress Sites:
1. The Moat: Programs like Bad-Behavior and plugins that stop bots/scrapers before they get “through” to the site.
2. The Gate/Drawbridge: Programs like Captchas, Math Challenges, Reverse fields that SHOULDN’T be filled in to “trap” bots from auto-filling.
3. The Keep: Programs like Akismet.
4. The Guards: Moderators with the ability to knock out spam when they see it.

The biggest issue with BuddyPress is that THERE IS NO KEEP (no. 3 above) for the Activity Streams…
As far as I know, there are not programs like Akismet or any of the “KARMA” / Comment anti-spam plugins that work for the BuddyPress group/activity/forum streams… DJ-PAUL has talked about making Akismet work on BuddyPress Streams at the BuddyPress.org site, but there is nothing yet that I know of yet –

If anyone does know of something that will “auto-moderate” the BuddPress Stream updates/comments, please let me know…

Regards.

Reality is that you would have to be proactive in killing those spam robots and human spammers if you have open registration. Search through BP.org shows many threads which share tips in plugins to use to prevent this and not all are 100% perfect since these spammers are really gung-ho about overcoming such preventions. Having said that, check out this thread – https://buddypress.org/community/groups/how-to-and-troubleshooting/forum/topic/has-anyone-tried-this-spammer-blocking-plugin-with-buddypress/

The only way I was able to surmount the same issue (emails not being sent, i.e. new user notification, password reset emails) was to disable the following plugin:

“BP Disable Activation”
https://wordpress.org/extend/plugins/bp-disable-activation/

Once I disabled this plugin, the missing emails flowed again.

As such, I returned the site to its default state of requiring new users to confirm their accounts.

PPS: Prior to installing the Mail From plugin my emails were being sent from noreply@mydomain.org. Wonder if I had created an email account called ‘noreply’ if that also might have solved the problem,.

Update: Enabling the ‘Mail From’ plugin https://wordpress.org/extend/plugins/mail-from/ solves the problem.

I’m not thoroughly satisfied with this solution because it is too mysterious , but at least it is a solution.

I’m having the same problem as Tonyone, and it goes away when Buddy Press is disabled. The first problem stated in this thread, the forgot password feature is not sending emails, is different than what the “me toos” are describing.

With BuddyPress enabled
A new user who creates an account gets their account notification email
The Fast Secure Contact Form works and sends email
The Email Users plugin works
BUT
The Bulk Password Reset plugin does Not work, neither does the ‘Get New Password’ on wp-login.php. Both of those trigger this error:
The e-mail could not be sent.
Possible reason: your host may have disabled the mail() function…

This may not be a mail problem but a password rest problem pulling the wrong error message out of … someplace

I’m on a Bluehost server, running WP 3.1.3 and BuddyPress 1.2.8

I’m having the same problem. Using Genesis with the GenesisConnect plugin. The problem seems to be with BuddyPress. Bump.

“and it does support sending email and has for a few new user registrations.”

So it has actually *sent* mail.

Edit:

Your server is not the problem. Not entirely anyway. I signed up to your site and got two emails – one with an activation link and one confirmation email. Exactly like I am supposed to.

So your problem is *not* the server is not sending email. The problem is some of the people signing up are not getting them. Which means it’s mostly on their end. You can do a reverse dns entry, like @hnla stated above, but really that’s all you can do for some places like Hotmail & Comcast.

As Andrea_r pointed out earlier Not being sent and not being received are two different things You need to establish which of these two you are actually refering to. How have you tested your email functions? Have you checked through any mailer-daemon returned undeliverable notifications? What sort of accounts do the people have that are not receiving anything, Hotmail or the like? Have you set up PTR RDNS records and SPF records? failing to set these two records will almost certainly cause certain PITA email servers to bounce the email straight out and won’t even pass it as spam.

Ran a quick check and you appear to have no real mailbox/email server as your domain reports no MX records so not sure how people contact you under that domain, you have what looks to me a correct ptr record and it reports a canonical cname record that I’ve not seen appear in the context of a ptr check, there is no record of a SPF entry which isn’t unusual but some email servers will reject based on lack of available SPF record to lookup. It would be worth you checking with whomever set your dns records that all is correct and with your host that RDNS is set up and correct. These aspects can and will cause issues if not correct.

I’ve checked the server and it does support sending email and has for a few new user registrations. Also, I’m using the Mail From plug in – it hasn’t helped. Any more ideas? I’d hate to have to start from scratch and scrap BP all together after months of development prep but we’re getting pretty desperate for a solution. Any thoughts? Here’s the site: http://fayettevilleforward.org/
All suggestions are very appreciated.

Tyr one of these plugins to change the mail-from address so the users’ email providers will deliver the mail.

https://wordpress.org/extend/plugins/search.php?q=+%27Mail+From%27&sort=

I am currently writing my own theme that looks nothing like BP-default, but I’ve been on trac almost daily with the UI tickets. I don’t know if we need a dedicated “UI/UX” team, but as long as folks are submitting on those tickets it will ease some of the other dev’s needing to mess with it. I DO think it is an important component with BP and we need to keep talking about 1.3’s problems.

I’m glad to see all the discussion going on, especially in light of all the “BP IS DEAD” nonsense. I think the biggest issue is how the forums make it hard to actually talk, but the testBP forums are great and I’m excited to see them go live here. I’m also anxious to see the new BP.org which seems to be slated to June.

My biggest issue with the BP sites I run is spam. Even my non indexed test servers get spammed. My AIGA site was deleting 250 spam users/blogs a day before shutting off new user registration. The first part of that comes from spam users being registered. There are two types of spam services, bots, and (slave) labor. These folks get through the Captcha’s and set up real fake accounts. But in my experience with my comment forms adding a Captcha killed a vast majority of spamers. Then with comments, contact forms, etc this would kill most spam. From there heuristic spam fighting from splogs, comments, etc. Also a system that users can mark a item as spam would help a ton.

Second, its that to learn how to do ANYTHING in BP I have to take something that works with the current version and hack it a part to figure out basic commands and actions. Once the new site is up I think there should be a real push on getting the Codex up to snuff(look at jQuery and WP) that have examples, resources, etc. Then have tutorials on things, hell syndicate them from other bloggers.

So as my thing(s) I want to keep being a part of fixing UI issues, and will as long as I can.
I want to write for the Codex, and am here and willing to write Blog articles for BP. Tutorials, Updates, whatever. I’m game. I will be writing tutorials for AIGA members anyway, so why not sync the content here.
I am working on the Group Documents plugin with its original developer because my sites need it.

And lastly I will be writing a BP-Spam component. I will do it as a plugin first and will want/need tons of feedback. But to get the University to sign off on my project I will need to stop all the Viagra and other inappropriate content from making it through. I will do this regardless of it being a part of BP but want to give back however I can.

I’m so psyched to see all the energy is still in this project!

It’s possible that your server doesn’t support sending email. Check with your hosts.

Had exactly the same problem as mentioned by the OP. To repeat:
1. User creates account.
2. Clicks on Activation Link in email.
3. Gets taken to a page that says Activation Successful. You can now Log in
4. Logs in (login is successful) but is taken to a page with a message, “Please enter a valid activation Key” with an empty field below.
5. If the user ignores this, he/she can start using all the BP features.
6. This message appears only the first time they log in. Doesn’t appear on future logins.

Have upgraded to the latest WP 3.1.3 and BP 1.2.8 and yet the problems persists. Any ideas.

Thanks

@thewomaninus

It looks like registration is not enabled in your WordPress backend.

If you’re running WP single, go to “Settings” > “General” and check “Anyone can register”. On WP multisite, go to “Network Admin” > “Settings” and make your selection at “Registration Settings”.

Yes I had the same problem. It appears the activation link is ONLY being sent to people with GoogleMail accounts.

I checked the mail logs. Mine were not sent to anyone that has said they did not receive an email.
I only show sent ones for the few people that have been able to register with gmail accounts.

I’m glad the Mail From plugin worked for you. But it didn’t work for me. Any ideas? i’ve checked everything mentioned above. I get admin emails, no problem but new regsitrations do not get their confirmation email so their user account never goes active and I never see them on the Admin side.
http://fayettevilleforward.org/

Check your mail logs on the server to see if it was actually *sent*. Not being sent and not being received are two different things.

I also experienced this problem. It seemed that the e-mail’s were only being sent to Google Mail Accounts. To temporarily resolve this I just turned account activation off.

Same issue still here – using WP 3.1.1 and BP 1.2.8. The registration form takes a new user through the whole process, completes and takes to the confirmation page but no email is sent to the new user so that they can “confirm” their account. They appear to have registered but never get the email and they do not show up as a new user on the Admin side. Seems like a serious bug to me- if no new users can register. Also, I have used the suggestion of the “Mail From” plug in but it has NOT fixed the problem.
I hope someone has a solution soon. Thanks.
Julie

ok try this :

use this plugin to manually active users that are not activated yet : https://wordpress.org/extend/plugins/wp-activate-users/

and use the below code in your functions.php .to disable email activation.

function disable_validation( $user_id ) {
global $wpdb;
$wpdb->query( $wpdb->prepare( “UPDATE $wpdb->users SET user_status = 0 WHERE ID = %d”, $user_id ) );
}
add_action( ‘bp_core_signup_user’, ‘disable_validation’ );
function fix_signup_form_validation_text() {
return >false;
}
add_filter( ‘bp_registration_needs_activation’, ‘fix_signup_form_validation_text’ );

The plugin Membership should help with that.

https://wordpress.org/extend/plugins/membership/