Elgg's Spam Prevention Automated Systems

By Tom

As Elgg Engine continue to develop as open source social networking software and helping thousands of old and new users are connecting their community members and extend communities around the world, from time to time there is ongoing spam complaints concerning inappropriate or unacceptable conduct by a few members and even by commercial spammers. As a result, constant spamming can be degrading scenario to existing Elgg members and even undermining the community principles itself.

For example, for the past 5 years as an elgg member, I have noticed that if someone sends the same message to 40 people who are not on his following and even friends list for an hour the massage normally turns to be spam.

Also, if an Elgg member sends friend request to about 65 percent of the community member he or she does not know and most of those request are ignored, it is likely that member is annoying others or is a spammer.

For an Elgg spam plugin to work effectively, it has to be designed to detect suspicious behavior, block the suspicious activity and also warn the person who is conducting the suspicious behavior to slow down. However, if the suspicious activity continues even despite the warnings, the person’s account should be disabled automatically until they can be beyond reasonable doubt that the account is belonging to a real human but not a bot or machine or fake account.

In the case of a real person’s account become compromised, there should be a processes to give the rightful owner their account back. For example, the person whom his or her account has been compromised, they should be given an opportunity to appeal the decision by contacting the Elgg based community sites administrators. After the account has been reviewed and confirmed to be a legitimate account and the account owner did not violate the site’s terms or rules, their account is finally reactivated.

Elgg's Spam Prevention Automated Systems don’t just prevent spam and other suspicious activities or annoyances but also against dangerous websites out there that can steal the Elgg user’s information and even damage the Elgg member’s computers. These dangerous sites should be blocked under block list and prevent Elgg wire or profile post messages that contain those dangerous website links.

Most of the time on one of the site that I am currently running, I have also noticed that most of the spammers normally hide their malicious website links behind URL shorterners like Tiny URL or even bit.ly links.  If this is the case, Elgg’s Spam Prevention Automated Systems should be able to temporally block a user who is suspected of using such tactics by blocking all use of a specific URL shortener Elgg plugin.

If a genuine user is trying to use the same ELgg URL shortener plugin, they should be sent a notice to try using the original URL for anything that they want to share.

There are 19 different kinds of plugins here on Elgg community designed to fight spam and if the developers of those plugin can came together, they are likely to come up with a better approach to  protect Elgg based sites against spam and other annoying attacks.

In order for these Elgg's Spam Prevention Automated Systems to work effectively, these systems should work effectively in the background that most of the Elgg users will rarely encounter one.

Feedback and Planning

Feedback and Planning

Discussions about the past, present, and future of Elgg and this community site.