A honeytrap suggestion for Drupal and Mollom

I have a couple of dormant domains at the moment that I’m always threatening to do something with. For now, though, they serve nicely as testing sandboxes for various Drupal-y things I’m working on.

On one such domain, the other day, I installed the latest beta of Drupal 7. It was fun, messing around and getting lost in (yet another) re-juggling of the interface and trying to find the common menu options. But that’s not the point of this post.

My point is this: in its default installation, Drupal allows visitors to sign up to the site and create an account. Administrator approval is required to activate the account, so a pending account is blocked and can’t log in or post anything. But spammers, or spambots, seem to find these sites very quickly and start registering accounts anyway.

Only a handful of days later, the site was riddled with new accounts; I have a page full of them right now. The thing is, the domain’s not popular and is barely linked to from anywhere, and nothing in the content invites people to sign up or join the site. In fact, I have another completely obscure holding domain with exactly the same problem, plus a couple of production sites where managing spammers has become a time-consuming task.

Where I’m going with this is that Mollom, the anti-spam/moderation service from Acquia, only lets me flag a spammer by flagging their content. I would dearly love to be able to flag some of these accounts as pure spam, and to know that by doing so I was contributing to a blacklist maintained by Mollom, so that the submitter’s email and IP address were marked as suspect for every site using the service.

Perhaps the “spam score” for an account could rise as more contributing sites flag it? It seems silly that I have a ton of clearly spam accounts sitting on my site and no way to contribute their details back to Mollom, which would save other users of the service the same trouble.

Also – and this is just a feature nit-pick! – I’d love to be able to block a user at the same time as I report their spam content to Mollom. I’d also like a button that resets the user’s profile fields, because I get a lot of link-dropping on profiles on one of my sites. It would make fighting spam much simpler, because currently it’s a multi-step process involving:

  1. Ban/block the spam account.
  2. Remove any spam content they’ve posted, including comments and nodes.
  3. Empty out any user profile fields they’ve completed.
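The three steps above as one Drupal 7 helper, as an added example that is not code from this post or from the Mollom module. It assumes a bootstrapped Drupal 7 site (for instance run through `drush php-script`) and the Drupal 7 user, node, comment and Field API functions; the function name `spam_account_cleanup()`, its `$dry_run` flag and the returned summary array are this example’s own inventions. Profile fields are taken to be the Field API fields attached to the user entity, which is where Drupal 7 puts them.

```php
<?php
/**
 * Block a spam account, delete its content and empty its profile fields.
 *
 * Added example, not from the post or the Mollom module. Assumes a
 * bootstrapped Drupal 7 site; the function name, the $dry_run flag and the
 * summary array are this example's own.
 *
 * @param int $uid
 *   The account to clean up.
 * @param bool $dry_run
 *   When TRUE (the default) nothing is changed; only the summary is returned.
 *
 * @return array
 *   What was (or, on a dry run, would be) done, so the caller can log it.
 */
function spam_account_cleanup($uid, $dry_run = TRUE) {
  $uid = (int) $uid;
  // Never touch the anonymous user (uid 0) or the site administrator (uid 1).
  if ($uid <= 1) {
    throw new InvalidArgumentException("Refusing to clean up uid $uid");
  }
  $account = user_load($uid);
  if (!$account) {
    throw new InvalidArgumentException("No account with uid $uid");
  }

  // Step 2: locate the account's content by author, so nothing posted under
  // this uid is missed.
  $nids = db_select('node', 'n')
    ->fields('n', array('nid'))
    ->condition('n.uid', $uid)
    ->execute()
    ->fetchCol();
  $cids = db_select('comment', 'c')
    ->fields('c', array('cid'))
    ->condition('c.uid', $uid)
    ->execute()
    ->fetchCol();

  // Step 3: every Field API field attached to the user entity. This is where
  // profile link-drops end up in Drupal 7.
  $field_names = array_keys(field_info_instances('user', 'user'));

  $summary = array(
    'uid' => $uid,
    'name' => $account->name,
    'mail' => $account->mail,
    'nodes' => count($nids),
    'comments' => count($cids),
    'fields_cleared' => $field_names,
    'blocked' => FALSE,
  );
  if ($dry_run) {
    return $summary;
  }

  // Delete the spam content outright rather than unpublishing it, so the
  // dropped links leave the database entirely.
  if ($nids) {
    node_delete_multiple($nids);
  }
  if ($cids) {
    comment_delete_multiple($cids);
  }

  // Empty the profile fields on the loaded account object ...
  foreach ($field_names as $field_name) {
    $account->{$field_name} = array();
  }
  // ... and block the account in the same save (step 1). A status of 0 also
  // makes user_save() destroy the account's sessions, so a spammer who is
  // logged in right now is kicked out immediately.
  $saved = user_save($account, array('status' => 0));
  $summary['blocked'] = (bool) $saved;

  // Reporting the account to Mollom is not done here: the post's point is
  // that no such API existed. The email address is returned in the summary
  // for whatever manual reporting you choose to do.
  return $summary;
}
```

Run it once with the default dry run and check the summary (in particular `nodes` and `comments`) before calling it again with `$dry_run = FALSE`; deletion is not reversible, and an author lookup by uid is only as safe as your certainty that the uid really is a spammer.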

PS. Is anybody else getting a lot of spam on their Drupal sites from Gmail accounts? It’s frustrating, because blocking free mail providers like Hotmail, Yahoo and Gmail outright would turn away most legitimate registrants too and kill off your community site!

5 thoughts on “A honeytrap suggestion for Drupal and Mollom”

  1. Great idea! I get a lot of gibberish posts from my contact form. Links that don’t go anywhere and user names that are meaningless. I wonder if these are spam velociraptors just testing the fence or just spam tracking numbers. I remember Dries posting something about this before, but I never heard what the general consensus was.

  2. Amen! I have one site in particular, http://www.lolsaints.com, which now has over 10,000 users, only about 500 of them legit, and if I had a way to report them to Mollom and prevent 90% of the accounts from being created, I’d pay Mollom a bit per month, easily. On another site, I really would like the ability to mark the post as spam AND block the account at the same time… would be very nice.

  3. sun

    Yay! The right blog post at the right time. Some of the discussed functionality has just been added to Drupal’s Mollom module. Work is on the way to also improve the deletion of spam user accounts. But of course, Mollom’s primary goal is to block that spam in the first place. If you want to help testing the new functionality on your site, you may update to the latest development snapshot. A new official/stable release will be published shortly (if tests have been positive).

    sun
