> IP addresses from multiple netblocks, from multiple providers, that are completely clean in every reputational database
I am suggesting to use your own reputational database of IP addresses, and keep your own database private. So it will be hard for spammers to find out if their IP address is already blacklisted.
Bad IP should not prevent Dreamwidth account creation, but instead should allow spammer to create the account, so Dreamwidth can collect other spam indicators, such as: - Email address and email domain. - Connections to other Dreamwidth accounts. - Content keywords. - Other involved IP addresses. - ...
> move on to the next group of clean ones
Do you mean that it is easy for a scammer to get access to clean IP addresses? The spammer's dilemma is that if IP address is easy to access - then this IP address is quickly getting blacklisted.
> if I pulled the IPs of our last 100 spam accounts, every single one of them will have a cleaner reputation than the IP address you are currently using
Does Dreamwidth maintain the internal database of IP addresses Spam/Ham scores (based on Dreamwidth users activity)?
> Because they stop using them when they start accumulating negative reputation.
If Dreamwidth does not immediately delete spam accounts, then it may be quite tricky for spammers to detect that their IP address accumulated negative reputation in internal Dreamwidth database.
> there were about 130 ISPs licensed to operate in Bangladesh. We saw spam from over 100 of them.
So penalize IP addresses from 100 Bangladesh ISPs and do not delete accounts created from the remaining 30 Bangladesh ISPs. This will put users' pressure on the bad ISPs to deal with spammers in their own IP networks.
> if your only understanding of toll fraud comes from a Google search and reading a surface-level article
I run a job board and deal with spam and scam every day. Spam is a relatively minor issue for us vs scam (which is operated manually and not on a bot scale).
For spam indicators we use: 1) IP addresses (and networks). 2) Email addresses. 3) Content keywords. 4) Browser User Agents. 5) User's feedback.
> Site behavior is also not an accurate spam detection system. > It detects less than 5% of spam account creation, and some days less than 1%.
What do undetected spam accounts do?
If they do something harmful - why you cannot detect such harmful behavior?
no subject
I am suggesting to use your own reputational database of IP addresses, and keep your own database private.
So it will be hard for spammers to find out if their IP address is already blacklisted.
Bad IP should not prevent Dreamwidth account creation, but instead should allow spammer to create the account, so Dreamwidth can collect other spam indicators, such as:
- Email address and email domain.
- Connections to other Dreamwidth accounts.
- Content keywords.
- Other involved IP addresses.
- ...
> move on to the next group of clean ones
Do you mean that it is easy for a scammer to get access to clean IP addresses?
The spammer's dilemma is that if IP address is easy to access - then this IP address is quickly getting blacklisted.
> if I pulled the IPs of our last 100 spam accounts, every single one of them will have a cleaner reputation than the IP address you are currently using
Does Dreamwidth maintain the internal database of IP addresses Spam/Ham scores (based on Dreamwidth users activity)?
> Because they stop using them when they start accumulating negative reputation.
If Dreamwidth does not immediately delete spam accounts, then it may be quite tricky for spammers to detect that their IP address accumulated negative reputation in internal Dreamwidth database.
> there were about 130 ISPs licensed to operate in Bangladesh. We saw spam from over 100 of them.
So penalize IP addresses from 100 Bangladesh ISPs and do not delete accounts created from the remaining 30 Bangladesh ISPs.
This will put users' pressure on the bad ISPs to deal with spammers in their own IP networks.
> if your only understanding of toll fraud comes from a Google search and reading a surface-level article
I run a job board and deal with spam and scam every day.
Spam is a relatively minor issue for us vs scam (which is operated manually and not on a bot scale).
For spam indicators we use:
1) IP addresses (and networks).
2) Email addresses.
3) Content keywords.
4) Browser User Agents.
5) User's feedback.
> Site behavior is also not an accurate spam detection system.
> It detects less than 5% of spam account creation, and some days less than 1%.
What do undetected spam accounts do?
If they do something harmful - why you cannot detect such harmful behavior?