So I’ve set up my first set of forums on http://www.garage-sale-tips-maps.com using PHPBB2. Everything starts out OK with some pretty liberal settings. It doesn’t take long before the spammers and link scammers discover the site and start creating dozens of accounts with pr0n and mortgage related links in their user profile and posting garbage in the forums.
The wife and I delete the spam as fast as we can and I install/use the great PHPBB2 toolkit to delete the garbage accounts.
We back the registration process back to email verification. No help there. The rate of new bad accounts increases.
I regrettably back the registration off to the admin (me) confirming new members. OK, now you can’t see the spammers and they’re not adding garbage to the site. But now I get 20 new accounts to delete a day. (Hah! three just came in now :)) This is turning into real work…
Restricting accounts with email from mail.ru and a couple other domains helped a bit.
The next step is to continue loitering around the phpbb forums looking for help.
The really sad thing about this episode is that open source is clearly open to attack. This because the spammers have access to the source and craft exploits that circumvent the site’s spam controls and user interface to create spam accounts. Of course, the flip side is that I can create obstacles that block the bots, which I’ll likely have to do.