Hi Scott,
thanks for raising this issue, bots registrations are a constant issue on my site, but pretty successfully controlled with a combination of:
– limit permitted registration email domains to the most common, Gmail, Yahoo, aol, etc. No weird stuff allowed.
– BP Registration Options plugin, but requires a lot of manual moderation.
Your point: I must say that not a single bot registration attempt on my site was ever able to activate the account by successfully responding to the activation email. They simply generate non-existent email addresses so never become active.
Your experience is different?
TBH this was just an idea I had while looking at the scope of possible ways to stop spammers/bots. I’ve implemented a few things already like reCaptcha, Ban Hammer, redirects, honeypot. You’re probably right that many of the bots are stopped at the Activation step IF they are using a disposable email. I assume smart ppl would have developed a way to activate spam accounts if needed. Then again maybe they just go for the low hanging fruit.
I am curious though how you’re so sure bots aren’t registering? I have about 1,200 registered users and the vast majority are Gmail address. Alot of them look suspicious, like Username: dien01234567 Email: dien0134567@gmail. I have a very eclectic audience, so I have to be careful which email services I block. But even so I can’t believe all these Gmail users are real…
Hi, site is 3 years old, 13,000 members, approx. 1100 active daily, but not a single instance of multiple-user spam-messaging, forum spamming, blog comment spamming, etc.
The site is a (very mild) NSFW dating site, niche interest, so is a prime target for bots, but so far no big issues.
If you want to compare ideas/methods then please provide some form of contact, happy to provide info in private.
