BuddyPress.org

The problem is when I mark a user as spam it is marking the codex as spam since they are an auto-member. It’s fixed now.

Thank you!

Here is a modified re-Captcha to work with BuddyPress.

Hope this will help

http://team.pookeo.net/2009/12/22/re-captcha-for-buddypress/

Spam bin for –: nancybaby

I’ve given up trying to add gmail-style folder tagging to the messages system in BP at the moment via a plugin; there’s not enough hooks to filter some queries. Might hack the core and do a patch

Why not just restrict emails so they can only be sent to one user at a time? Non-bot PM spammers probably won’t want to bother having to spam step by step.

Any code for this in the meantime?

Check those lines in the error message for all files and debug.

This is strange, must have been hacked right? I wake up to find this sting at the top of our site with the template not working:

https://buddypress.org/forums/topic/trying-to-stop-spam-email

Warning: Cannot modify header information – headers already sent by (output started at /home/borumaco/public_html/wp-content/plugins/bp-custom.php:17) in /home/borumaco/public_html/wp-content/plugins/buddypress/bp-xprofile/deprecated/bp-xprofile-deprecated.php on line 436

Warning: Cannot modify header information – headers already sent by (output started at /home/borumaco/public_html/wp-content/plugins/bp-custom.php:17) in /home/borumaco/public_html/wp-content/plugins/what-would-seth-godin-do/what_would_seth_godin_do.php on line 124

Add that it includes a link to this very forum?? What’s going on?

I’ve got our developers looking at this thread but any other insight you can shed is most appreciated.

http://en.wikipedia.org/wiki/Bozo

“A stupid or foolish person” Other words for “spammer”.

You probably were marked, or at least your post was marked, as spam, as coming from a bozo. This is not an insult. It is the actual term that bbPress applies to suspected spammers. This has happened to me twice in the past.

If this happens again, or seems permanent, you should contact Andy or jjj as whenever I log into bbPress admin, it does not show me the “bozo” members. So, I have no way of changing the status.

But, since you are obviously posting right now, the issue was more than likely the system marking that particular post as probable spam. This is just a hunch.

Probably because the spammers don’t recognize it as BuddyPress yet, don’t expect that to last long.

What we need, is a spam bin. I has an ideas. Let me mock it up.

Please, please, please – we don’t really need to see these spam message contents are they are pretty much identical, and we certainly don’t need email address or URLs posted as they help the spammers’ cause.

@Jeff. I don’t know… anyone who could solve the Unified Field Theory is not quite human in my books. LOL We could call it CAPTCGA (Completely Automated Public Turing test to tell Computers and Geeks Apart)

closing pm system have to be like anyother privacy… i think we have a great coder here who started something like that somewhere, i don’t remember his name or the tool….

/me is low brainer.

rofl

settings:

global to all users

global to all blogs

per user switch on/off

…

@Harry

Yes, my Privacy Component works just as I described. It is an advanced beta available for testing. See this thread for more details: https://buddypress.org/forums/topic/buddypress-privacy-component-an-update/page/3#post-30574

@David

I wouldn’t give users the option to set it to friends only. Or at least… I would like the site admin to have the ability to disable that option.

In my Privacy Component, the site admin can choose to disable this feature.

But, to get back on topic, I agree that the best solution is the one that requires the brunt of the filtering to be accomplished through invisible, behind-the-scenes techniques. Requiring users to prove that they are members and not bots should not be the first line of defense. I think it is okay, even necessary for registration purposes. But that is a one time occurrence. After that, the system should do more of the policing.

Concerning your second link above, perhaps we could create a new CAPTCHA that could harness the collective intelligence of site members to solve the Unified Field theory.

You know you’ve made it when… LOL

I would highly recommend against closing off the private messaging system or even allowing it as an option. Being able to message someone you are not friends with is a HUGE use case in my opinion. Crucial even. I wouldn’t give users the option to set it to friends only. Or at least… I would like the site admin to have the ability to disable that option.

Personally… I despise CAPTHCA. Don’t pass your problems off on your users. Like websites that say “Best viewed in” or “Set your screen size to”… etc. Any solution must be invisible to users. I’ve heard of people using javascript events (mouse click for instance) as an alternative. Sounds good to me. Here’s something I found with a quick Google search.

http://www.webdesignfromscratch.com/javascript/human-form-validation-check-trick.php

Alternately… you could use a simple math question… like as in example. LOL

http://farm3.static.flickr.com/2174/2268237733%5Fcda4a1dbb3.jpg?v=0

@DJ PAul & Jeff.

DJ Paul: Agree that a user should be able to choose whether he wants PM from strangers or only from friends.

Jeff, not sure if this is what you mean, but does the Privacy Component allow you to define this setting as just described? Do you have any update about whether your work might be added to core or if it is considered a plugin?

received this 4hrs ago from babyzin, a day after hakam’s, and i do look quite ok:

My dear

how are you,

i hope that all is ok, as is my pleasure to contact you after viewing your profile at (buddypress.org) which really interest me in having communication with you if you will have the desire with me ,

here is my email as i will be waiting to hear from you,

yours linda

@Harry (a.k.a. stripedsquirrel)

I think a very good start is that you can only message your friends. Thought that this would be already ths case, that is why I wondered how we could get spammed?

See this discussion: https://buddypress.org/forums/topic/compose-message-send-to-username

Basically, the autocomplete message recipient list only autofills from your friends list. However, anyone can message any other individual via the “Send Message” button on user’s profile screen. All that is needed for a user to send a PM is that they have a member account and that they are logged in to the system.

On a related note, my Privacy Component does have an option to filter out the “Send Message” button, making it only visible to those you choose.

– Anyway, I think a very good start is that you can only message your friends. Thought that this would be already ths case, that is why I wondered how we could get spammed?

In my case, I need to be able to receive messages from anyone. Such a thing needs to be a per-person decision/setting.

Hi DJ Paul.

as far as I can see, nobody is complaining that the sky is falling, that would be a quite silly thing to do. Well I guess technically it is, but at least the earth is stopping it from doing so

Just pointing out an inaccuracy in thinking, I am sure that this is allowed without immediately posting PHP to fix it?

Back on topic; the question should also be: how could this spammer get access to all the usernames automatically? Of course everybody is listed, but somehow the were harvested and added to the pm list.

– Anyway, I think a very good start is that you can only message your friends. Thought that this would be already ths case, that is why I wondered how we could get spammed?

– Additionally: a maximum of PM’s per user per x amount of time (seems that 1/minute should be enough, + 50 per day. of course this should be optional and configurable with error notification (site options or plugin?)

– Maybe a maximum mailbox size, which included sent messages. So that at least spammers have to clean out their sent box before being able to send new messages.

– Also a maximum of adressees per PM, else the other 2 are useless

– maybe a minimum age of user (meaning time since registration), before he can send out PM at all?

Of course, any of these can be worked around, but at least it might slow spam down, at least from strangers..

Cheers, Harry

Rather than complaining that the sky is falling, how would you propose we resolve this issue? A captcha on the Messages screen (or at least making sure hooks are in to allow a plugin dev to add this)? Messages sent only to friends?

Hi Andy, I think you are incorrect there. Spammers like to send spam. I am sure you get some in your email?

What is easier to get into a nice big community (without having to create a blog) and easily (?) send spam PM to all members of the community? You don’t even have to infect computers, as you can use the internal messaging system and you know most users will get the message as an email as well.

Hey, it saves them from email harvesting or buying ‘5 billion email addreses’ dbases as the community has already done this.

So, no, apparently (and this example that started this topic has proven this), it is possible on BuddyPress and it serves the spammers purpose, so disabling blog registration will not stop this. You can disable blog and user registration, but it might be hard to start a community that way..

Cheers, Harry

Spam is generally only a problem if you have blog registrations on, spammers only care about creating and spamming on blogs. I think some work will be done on this, but it’s not going to be on the BuddyPress side.