@mike: Even with just a small site. I was running it on first with a VPS hosted site and it got shut down by the provider. They say that the “huge” amount of mail coming from BP notifications are “spam” and a violation of their TOS since, they say, it got the IP blacklisted.
I moved it to a dedicated server but I’m concerned that the IP address will be blacklisted if the system sends out hundreds of mail notifications in an hour. Problem is, I don’t know how much mail is too much. And if that should qualify as spamming. 
Should this be a concern?
Was just wondering if there’s a way for the admin to set email notifications off by default. Or if not, if there’s a code we can edit to do that. Feedback would be great.
Your Bp email server might become an open relay server for spammers !
The only reason I noticed this is because the comment love keeps messing up and I have to go in and re enter the url under the admin profile.
p.s linking my site in this forum has only brought me spam.
It seems to be staying now…
Raise a ticket. This is a usability/privacy issue. It should be blatantly obvious to the user who is replying to a private message that they are sending to more than the sender.
Thx, I got it, but my users won’t, since they see a PM rather as an email and not as another kind of a discussion group (core age 15, so they have plenty of time to enter all the names ). It’s also in my opinion not intuitive.
If there is no simple way to include a “no bcc” option – is there a way to limit the number of recipients to one user?
My guess is you are not quite understanding the way private messaging was intended to work. As the name implies, it is a private message. When you send a “private” message to 40 friends, it’s not quite “private” anymore, by some definitions. The same occurs in email when one of your 40 recipients hits “reply all” assuming they were not bcc’d.
As such, when you send a bp message to 40 people, you are, in a sense, establishing a 40 person thread. That’s the way it’s supposed to work (which is great for smaller numbers) In other words, expect 40 replies to the thread and all 40 will get 40 messages. Seems ripe for trouble when you send it to 40! (btw, I am impressed you were able to have the patience to pull off 40 as you had to remember and type 40 names or usernames since this is the only way to do it in BP at the moment.
Second, if you send a message that, upon reply, many members will deem the response as “spam” consider not starting the thread. Just remember, BP messaging was not meant to be like email.
If you want to hire someone to implement a captcha on the compose message page, please post in this group -> https://buddypress.org/groups/buddypress-job-board
So still nor esponse? How does one combat spam then?
I guess Jeffs Privacy-Plugin would help:
http://jeffsayre.com/2009/12/05/buddypress-privacy-component-released/
Too bad this plugin will not make it into BP 1.2 core !
If you really really wanted to, look in wp_signups. They don’t get cleaned out on delete (partly to prevent deleted spammers from signing up again with the same info).
Spammers are always an issues do follow or no follow lol.
Being the owner of blogengage a pligg powered website I’m very aware of do follow spam issues it’s very bad.
So do we have a solution to this?
Bare in mind you’ll encourage spammers by doing this.
Hey Brajesh,
I just checked out the auto-activate plugin and I can confirm what Pierre said that it does send an activation email even though the user account is already activated.
Also, I just checked out buddydev.com since you have the plugin running on your site and I’ve noticed a lot of spam registrations there!
Perhaps you need to add some anti-spam prevention of some kind to your BP install.
And also, as a courtesy, on the plugin release page, you should add a warning to enable some type of anti-spam solution on the user’s BP install (particularly in production environments).
Nice, Brajesh!
Have you updated your auto-activate plugin lately?
In your comments, you mention you were going to update the plugin in November, but the last update was in October.
Also, has using this plugin affected spam registrations for you, Brajesh?
You could also try blocking the email domain in Site Admin > Options
I deeply apologize if my previous post is a spam.
I only followed BuddyPress Documentation in Improving Performance, and showed how it works with my websites.
I found that the article is very-very useful (for server’s performance and users’ access). So, I want to share my experience in this forum to other BuddyPress lovers.
Please forgive me if my previous post is a spam. Do I have to delete it?
This is quite a big problem. I deleted a user account but it didn’t delete the forum posts the user made. It only deletes his name in the feed but the content of the topic is still on the forum for the specific group. Now if it was a spammer(s) you would have to filter through all the groups/forums that they created and replied on topics and delete them. This will be quite tedious as you can’t search for the user in the database and delete all the topics related to that user because his name is deleted but not the content. You would have to manually filter through everything and I don’t think it will work.
John James Jacoby – You mentioned
“Which version of BP? This will be fixed in 1.2 as I think it’s just a missing or incorrectly named action. “
Where is this action so that I can insert it into my BP 1.1.3 installation? Is it simple?
5603658Inactive
Yes, no spam in this category please!
yeah, but why do you spam this page ?
dfa327 (?) posted this on a splog fighting group wire:
I’ve upgraded my entire site. So far no bad guys:)
I’m up to buddypress 1.1.3 and wpmu 2.8.6.
I got the following plugins to stop spam:
http://wordpress-plugins.feifei.us/hashcash/
http://www.poradnik-webmastera.com/projekty/invisible_defender/
http://www.svenkubiak.de/nospamnx-en
And a few other things to stop it, but I think those are working well above.
Prior to the above I was getting hit by the minute!!!! Now none:)
Haven’t tested them yet. Can’t vouch for them.
I have buddypress 1.1 installed and it seems to work perfectly except for spammers or sploggers or whatever..
I downloaded WPMU-Signup-Captcha from WPMUDev and put the 3 files in the directories, just like you said.
I don’t see it in the plugins section of the admin, and I still don’t have any captcha applied to new registrations.
A post has been deleted from this thread as it was little more than spam/advertising.
Thank you all.
Jeff I won’t try compression now because It could increase the CPU usage and this is our main problem. When it resolves we will do.
We have around 6000 page views a day.
Probably we have a very inefficient code somewhere but I don’t know how to find it. I reviewed several times the main blog theme and random files from the plugins but I couldn’t find it. I have just read about Xdebug, ¿Have you worked with It?
We have a wildcard subdomain.
I am not a server administrator but the VPS is fully managed and I think the guys managing it are good and we have migrated from another hosting company where we had the same problem.
¡We have cPanel and CentOS! ¿Could that bug be the problem?
The spam is not a big problem, some comments but not too much.
Thank you again
Without being able to look and see multiple files both within the wordpress part and the server, the most we can do is guess.
Some things I have seen crank the CPU:
– a bad plugin with an off query
– bad code in the theme (make the theme more efficient, revert to default theme to see if that’s the issue)
– inappropriate server settings. Did you really put in a wildcard subdomain (if you use them) or do you have, say 20, listed. (Seen it. Wasn’t pretty.)
– default server settings on high traffic sites. Preforks, child processes – all these can be streamlined.
– an obscure bug with cPanel on CentOS boxes that create a memory leak
– in rare cases a hardware failure
and finally – being hit with spammers constantly. I have a couple older domains, and no matter where I host them, the simple fact they are “out there” mean they get hit with an INSANE amount of spam. Email, comments, splogs – all of it.
Basically, you have to eliminate what it isn’t.
how much traffic do you get? How big is the database?
