spam

Earlier this month, Mollom was officially discontinued. If you still have the Mollom module installed on some of your Drupal sites, form submissions that were previously protected by Mollom will behave as if Mollom was offline completely, meaning any spam Mollom would've prevented will be passed through.

For many Drupal sites, especially smaller sites that deal mostly with bot spam, there are a number of great modules that will help prevent 90% or more of all spam submissions, for example:

From the article reCAPTCHAs are finally readable by normal humans:

Google today announced that reCAPTCHAs served up to humans are finally readable without the need to squint your eyes or bang your keyboard in frustration after typing the wrong sequence of letters five times in a row. Who can even read those things, amirite?

I'm glad Google is making CAPTCHAs easier for humans to read. For the very, very rare times when they're necessary, that's a good thing.

However, I want to make an appeal to the thousands of developers who are thinking of implementing a CAPTCHA to deal with their site's form/registration spam: use CAPTCHAs only as a last resort.

CAPTCHAs: The nuclear option.

I recently started receiving spam (unsolicited) text messages on my iPhone. I first received one on New Year's Eve, at 8:31 p.m., and then again at 5:00 a.m. a few days later (nice wakeup call... thanks).

These messages were all from some company named 'GagaCell', which didn't turn up many good search results (most were about Lady Gaga, and I'm pretty sure she doesn't harass people with text messages—just her music and lack of style.

After some online research, I discovered that many people, even after sending STOP to these shortcodes, end up with monthly charges on their cell phone bills. Since I watch my bill pretty closely, I noticed that, all the sudden, I was getting a $9.99 subscription from 'BULLROARE', a content provider I'd never heard of, from short code 31850 (The subscription name was 'IQ32CALL8668611606').

...such is the title of my session proposal for DrupalCon Denver 2012. I'm aiming the presentation at beginners, but it should be helpful for anyone with a Drupal site that has fought the battle with spammers—and lost.

Since I've had experience building and maintaining a variety of sites, from small blogs with a few posts a week, to large community sites with hundreds of posts and user accounts created per day, I figured I would try to share some of my experiences and what worked and what didn't. I hope to talk about the importance of keeping your site's user experience (UX) first, while still fighting off spammers, and then speaking about particular use cases and solutions.