BuddyPress.org

There has been a ton of talk about controlling Spam on BuddyPress.org… try tooling through this post for some ideas:

https://buddypress.org/community/groups/how-to-and-troubleshooting/forum/topic/buddypress-spam

try stopping the spammers from registering – topic covered in the past about different options

Wow, world renowned support? 7 months and still no answers! I have the same issue guys, I get a ton of spam on my activity streams. I have 4 different anti-spam plugins, and guess what? Non of them help with the activity stream. This is something Buddypress needs to be looking at!

have them check their spam folder (and proper host config for sending email – maybe the host has trouble with users sending out spam)

buddypress rules for usernames

`
if ( !validate_username( $user_name ) || in_array( $user_name, (array)$illegal_names ) || $user_name != $maybe[0] )
$errors->add( ‘user_name’, __( ‘Only lowercase letters and numbers allowed’, ‘buddypress’ ) );

if( strlen( $user_name ) < 4 )
$errors->add( ‘user_name’, __( ‘Username must be at least 4 characters’, ‘buddypress’ ) );

if ( strpos( ‘ ‘ . $user_name, ‘_’ ) != false )
$errors->add( ‘user_name’, __( ‘Sorry, usernames may not contain the character “_”!’, ‘buddypress’ ) );

/* Is the user_name all numeric? */
$match = array();
preg_match( ‘/[0-9]*/’, $user_name, $match );

if ( $match[0] == $user_name )
$errors->add( ‘user_name’, __( ‘Sorry, usernames must have letters too!’, ‘buddypress’ ) );
`

As that guide is written b y Boone I guess it must be possible, if it hasn’t worked for you you need to review carefully what you have done and that you have followed all steps explicitly, and yes it might be a case that you need the css in which case test that theory by dropping the adminbar css file into your header for the top level site.

There is a means of deactivating the activation and there will be threads on the forum and – I think – a plugin so have a hunt around.

Don’t do this just to circumvent an issue you are having though; to want to remove activation because as you say “the verification email is being marked as spam most of the time” should be telling you that there is something wrong, email servers only apply filters based on sets of rules, you do have to ensure that when email servers look at incoming mail that they can verify it’s origin in other words perhaps you need associated dns mx records for your domain?

Email isn’t necessarily something that just works or something that WP magically deals with, all WP does is simply use a faux email relay such as sendmail it doesn’t know or care whether your emails report themselves correctly.

In my experience the mail actually gets sent 99.9% of the time. Sometimes it just ends up in the spam folder. Especially with Gmail accounts.

I have noticed this problem too.

A fresh setup …5min WordPress install, add BuddyPress Plugin etc etc…

I can not yet confirm if it only occurs for hotmail users (yuck) and it needs more testing!

But here are some obscured excerpts from my mail logs…

Node1 webserver and BuddyPress:
`Oct 19 13:02:42 node1 postfix/smtp[23717]: D67EA2802A: to=, relay=192.168.###.###[192.168.###.###]:25, delay=40, delays=0.33/0.01/0.05/40, dsn=2.0.0, status=sent (250 2.0.0 Ok: queued as 5967C292C1)`

Relayed to my Mail Server at Node2:
`Oct 19 13:02:43 node2 postfix/smtp[27458]: F2173292C4: to=, relay=mx3.hotmail.com[65.55.37.120]:25, delay=0.23, delays=0.01/0.02/0.08/0.12, dsn=2.0.0, status=sent (250 Queued mail for delivery)`

I have a pretty good knowledge of Linux and webservices, but this indicates the mail was sent to hotmail… but the user in question never received it – not even in their spam box.

My servers even have a correct SPF text record in the DNS but so far it seems all the hotmail sign ups are not being seen by the end user.

I can only guess that st00pid Microsoft’s hotmail is sending them into a black hole – perhaps they have got fussy about the confirmation link or something?

Even though it would seem it is not a BuddyPress problem, perhaps some tests should be done to find out why this happens (to be honest, I hate hotmail – but a lot of people use it).

If it is something todo with the confirmation link, then maybe there is some kind of work around?

It will be interesting to hear peoples thoughts on this!

@whitbyglennk – remember to search before posting – this thread has a comprehensive list of ideas for tackling spam:

https://buddypress.org/community/groups/how-to-and-troubleshooting/forum/topic/buddypress-spam/

@dtclarinet – can you share how you reset the database? I’m not using the plugin mentioned, but rather wp-fb-autoconnect. Could that cause the same issue?

Thanks

I heard it was removed because it was showing a bunch of spam users that had joined. The only who is online widget that I know of is the default one that comes with the default theme.

yeah, I definitely agree!!! How come there is no working solution for this BIG issue? I am already boring of removing tens of Chinese spammers and their stupid shoes, bags, other “cool cheap” stuff every day!!! There are also bloggers who wanna real blogs and real webmasters who wanna keep their network clean from those anoying spammers … I please you, come with a working solution and we will pray for you…thanks

@netweblogic tbh I find that post unbelievable, it’s not only hijacking but downright rude and spammy, I’ll be deleting it from this thread shortly just so that you know when you look for it.

Yeah, I’m giving Humanity a try — seems to be quite effective.

There’s a big thread here:
https://buddypress.org/community/groups/how-to-and-troubleshooting/forum/topic/buddypress-spam/?topic_page=6&num=15

Also trying to get this group active again:
https://buddypress.org/community/groups/spam-eater/home/

Nice name. Needs some spam-related icon, though.

Incidentally, I still like the idea of getting folks together in a BP Group to attack the issue. I had suggested starting such a group on an IRC chat a few weeks ago, but I see now that there *is* a (small) group someone had set up. If people are interested, we can use that. Or maybe it’s fine to just continue this thread for now, though not having to dig through a few dozen posts has some appeal.

https://buddypress.org/community/groups/spam-eater/home/

jwack – since you had such trouble with this even after taking some measures, what was the final regimen you installed for blocking spam?

It’s becoming a serious problem not only here but on every bp site. i have 6-7 hacks to block spammers and they still get in.

Thanks to this thread I am going on almost 48 hours with no new spam signups or blogs. lol I feel like I should get a coin? Yes that’s a bad AA related joke.

Thanks to this thread I am going on almost 48 hours with no new spam signups or blogs. lol I feel like I should get a coin? Yes that’s a bad AA related joke.

I’m using this plugin : https://wordpress.org/extend/plugins/wordpress-mu-secure-invites/

I have restricted registration only by invitation , yet I got one registration ….

have to done all the spam blocking techniques mentioned here to my installation … but did some definitely

thanks to this http://www.marcelboast.com/badboteliminator/

*Mod note: Disclaimer – this script is a paid script

A great way to stop bad bots is the Bad Bot Eliminator script http://www.marcelboast.com/badboteliminator/
It stops bad bots dynamically by blocking IP addresses.

*Mod note: Disclaimer – this script is a paid script