[quote=@Mahz] [h3]Anti-Spam System Proposal[/h3] The first feature we need is a regressive ratelimit. The fewer posts/PMs you have, the longer you have to wait between posting. This addresses the issue of a single spambot creating posts as fast as the forum can accept them (as it was in the recent spambot attack). I will also ratelimit by IP address so a spambot can't just even their spam across a bunch of accounts so easily. For example, if an account has 0 posts, they would only be able to create a topic or post every 10 minutes. Once they get 5 posts, they can post every 5 minutes. Not sure of the numbers yet, and I obviously don't want to kill the momentum of a new user, but that's the idea. Really depends on what kind of spambot behavior we have. Existing established users wouldn't be ratelimited (beyond perhaps a sanity-check of a few seconds to prevent double posting once and for all). When addressing spambots, in my experience, you don't need perfect countermeasures, just countermeasures that makes things annoying enough for them to stop (if there's a human driving them). It's possible that a ratelimit alone is enough for me to re-enable registrations while I work on the following features. The second feature is a moderation-queue for new accounts. It should be a list of the first 5 or so posts by each newly registered account. From there, mods can nuke spambots or, more importantly, promote new-but-legitimate users into full members so they can escape the ratelimit. That would make our lives a lot easier, bless our moderators who have had a very shitty modkit over the last two years. The third feature is a general report-post/report-user system. Something we've needed for a long time but kept getting procrastinated due to our two-year lucky streak of minimal spambot issues. The fourth feature, though more of an unlikely wishlist feature, would be a system for trusted users to vote to nuke spambots without mod intervention. Mods would simply see a feed of accounts nuked by the community which they could then reverse if there was some sort of wrongful nuking. I'm implementing those in order (ordered by urgency) and hopefully the ratelimit alone is enough to discourage the spambots that attacked us last weekend. [/quote] My Critique on the 4 proposals. [list][*]First Proposal does make sense and I have seen it used on another forum in a similar matter, however I think the wait could potentially harm new member's contribution to a new RP, thus causing them to miss out. If someone on day 1 with 0 posts wants to enter a roleplay, they may need to post to say they are interested, post the character sheet and perhaps ask a question or two for clarification on details, that could be a 30-40 minute wait. On the internet with the speeds we run and post at, that's a very long time. I'd actually be inclined to have a counter of sorts where every [i]x[/i] minutes [i](eg: 15 perhaps)[/i] your allocated post limit is set to [i]y[/i] amount [i](ie: 3 posts every 15 minutes)[/i]. A regular poster wouldn't notice it too much as the chances of making 4 or more posts in 15 minutes wouldn't be easy, per say, but to a copy paste spammer they would hit that limit very early on. Until the member reaches [i]z[/i] posts [i](eg: 30 posts)[/i] or a set time frame they are classed as a newbie and will have this limit placed on them. You would also have to be clear as to the number of posts they could have during their [i]y[/i] time frame so that they can manage their replies more eficiently and not always burn out with simple [i]"Interested in this RP!"[/i] posts. [*]Second Proposal is fine. A simple tick to say that a member is all good, but it's not something that should be relied on all the time as it's extra work. [*]Third Proposal is much appreciated. It's always nice to report, not just bots, but also bad behaviour. I do think more should eventually be added into this for both clarity and ease of use (eg, being able to report members, PMs, and Visitor Messages). [*]Fourth Proposal... [quote]The fourth feature, though more of an unlikely wishlist feature, would be a system for trusted users to vote to nuke spambots without mod intervention. Mods would simply see a feed of accounts nuked by the community which they could then reverse if there was some sort of wrongful nuking[/quote] I can see the potential for abuse. While the intention is good, an issue can occur when a group of people decide to troll and harass an innocent member. There would need to be several things added to this for it to work fully. [list][*]Only what I would call elite members should be allowed to use this feature. People who have been here for over a year or two and only those who have a high post count. Generally these would be people who are more invested into the forum than your newer members and know the insides and outsides of the site [*]Everyone who flags a post has their name added to a public list of flaggers on that particular post, and possibly on their member page. If 'Internet Tough Guy' wants to bully all the newbie members, then you have all the information on his profile so that he can be addressed and even have these powers removed. That way only the members who do the job right will be able to use this feature [*]Flagged users shouldn't be banned, but perhaps have their post per time frame (going back to first proposal) reduced (ie, from 3 post every 15 minutes to 1 post every 15 minutes). That way the community is still helping contribute to the maintenance of the forum but you are not relying on moderators for cleaning up the errors and possibly loosing a few new members because the community thought 'MrBOT' was a bot and not a legit user. [/list] [/list]