Hey Buddypess, do something to stop spammers at your earliest. They waste our resources drastically!!!!!!!!
Andrea, I did it but all in vain. I guess buddypress should talk with wp-recaptcha or akismat developers and come up with built-in akismat or captcha support for buddypress sign up pages.
And there’s no benefit of banning email domains or ip since every time they come up with new fake domains and ip address. There should be a permanent solution… “Spbloggers” is the biggest problem for those who use buddypress.
One thing to remember, the spammers can see the signup code. That’s what they build their scripts for.
The better you can customize your site, the better you can stop them.
Checking your referral logs is one way you can see how they’re getting in. Tip: login to the bbpress admin area and CLOSE SIGNUPS.
Do follow is also a great way to encourage users to create and fill out a profile, specifically if you create custom fields for their “websites” in their profile. Spam registrations are already a major issue ( at least for us ) so that isn’t much of a deterrent for us at least.
I’m in the same boat. Have used a bunch of different captchas including the recaptcha that has been reworked for BuddyPress to no avail. Even took down our registration page for a day to make sure spammers weren’t bypassing via bbpress or somewhere else…. it was nice not having to delete spam accounts for a day. 
We may end up taking buddypress out at some point here until there are better spam tools in place.
I know on the MU side, you can ban registrations from specified email domains. (Site Admin -> Options)
Can’t remember if this translates over to the BP side.
There was a new blunt solution here. Apparently having a couple of required custom profile fields also cuts down spam.
I was just about to ask the same thing – never had much trouble before when using re-captcha but now I have upgraded we’re talking 20-30/day and increasing
Which brings me to my next question – is it better to mark both user and blog as spammer or just delete them both?
Good thought about the reputation. YOu might be able to combine it with the achievments plugin! In any case let us know if you attempt anything like that.
@mike: Even with just a small site. I was running it on first with a VPS hosted site and it got shut down by the provider. They say that the “huge” amount of mail coming from BP notifications are “spam” and a violation of their TOS since, they say, it got the IP blacklisted.
I moved it to a dedicated server but I’m concerned that the IP address will be blacklisted if the system sends out hundreds of mail notifications in an hour. Problem is, I don’t know how much mail is too much. And if that should qualify as spamming. Should this be a concern?
Was just wondering if there’s a way for the admin to set email notifications off by default. Or if not, if there’s a code we can edit to do that. Feedback would be great.
Your Bp email server might become an open relay server for spammers !
The only reason I noticed this is because the comment love keeps messing up and I have to go in and re enter the url under the admin profile.
p.s linking my site in this forum has only brought me spam.
It seems to be staying now…
Raise a ticket. This is a usability/privacy issue. It should be blatantly obvious to the user who is replying to a private message that they are sending to more than the sender.
Thx, I got it, but my users won’t, since they see a PM rather as an email and not as another kind of a discussion group (core age 15, so they have plenty of time to enter all the names ). It’s also in my opinion not intuitive.
If there is no simple way to include a “no bcc” option – is there a way to limit the number of recipients to one user?
My guess is you are not quite understanding the way private messaging was intended to work. As the name implies, it is a private message. When you send a “private” message to 40 friends, it’s not quite “private” anymore, by some definitions. The same occurs in email when one of your 40 recipients hits “reply all” assuming they were not bcc’d.
As such, when you send a bp message to 40 people, you are, in a sense, establishing a 40 person thread. That’s the way it’s supposed to work (which is great for smaller numbers) In other words, expect 40 replies to the thread and all 40 will get 40 messages. Seems ripe for trouble when you send it to 40! (btw, I am impressed you were able to have the patience to pull off 40 as you had to remember and type 40 names or usernames since this is the only way to do it in BP at the moment.
Second, if you send a message that, upon reply, many members will deem the response as “spam” consider not starting the thread. Just remember, BP messaging was not meant to be like email.
If you want to hire someone to implement a captcha on the compose message page, please post in this group -> https://buddypress.org/groups/buddypress-job-board
So still nor esponse? How does one combat spam then?
I guess Jeffs Privacy-Plugin would help:
http://jeffsayre.com/2009/12/05/buddypress-privacy-component-released/
Too bad this plugin will not make it into BP 1.2 core !
If you really really wanted to, look in wp_signups. They don’t get cleaned out on delete (partly to prevent deleted spammers from signing up again with the same info).
Spammers are always an issues do follow or no follow lol.
Being the owner of blogengage a pligg powered website I’m very aware of do follow spam issues it’s very bad.
So do we have a solution to this?
Bare in mind you’ll encourage spammers by doing this.
Hey Brajesh,
I just checked out the auto-activate plugin and I can confirm what Pierre said that it does send an activation email even though the user account is already activated.
Also, I just checked out buddydev.com since you have the plugin running on your site and I’ve noticed a lot of spam registrations there!
Perhaps you need to add some anti-spam prevention of some kind to your BP install.
And also, as a courtesy, on the plugin release page, you should add a warning to enable some type of anti-spam solution on the user’s BP install (particularly in production environments).
Nice, Brajesh!
Have you updated your auto-activate plugin lately?
In your comments, you mention you were going to update the plugin in November, but the last update was in October.
Also, has using this plugin affected spam registrations for you, Brajesh?
You could also try blocking the email domain in Site Admin > Options
