19

The last time we've discussed hellbanning, it was in the context of low-quality contributors. I agree that people who post crap should not be hellbanned. Suspension, auto-question ban, and all other tools that the community and community moderators have is sufficient.

For spam however, the problem is different. In the recent spam wave, we realized that the offenders aren't actually employing bots, they are actual humans, posting spam and avoiding the blacklisters and impositions set in place.

The following suggestion resulted from a discussion I had about this subject with Gilles; I must say that this idea is more his than mine.

I propose hellbanning obvious spammers. So that:

  • Only a hellbanned user can see his own posts.
  • Anonymous or unregistered users from the same IP address can also see the same user's posts. Hopefully in an attempt to delay the spammer's realization that something is wrong.
  • Registered users of any IP address, or Unregistered and Anonymous users from any other IP address will not see any of the spammer's posts.

The idea is to make the spammer waste more time than it's worth posting the spam. Right now, it's trivial to post spam, get destroyed, open a new account, and start the cycle again. And if I get IP address banned? Just switch IP address or use a proxy. The thing is, it's super easy, and takes little time.

One can argue that the current system works, six spam flags on larger sites, and moderators on smaller sites. But the point is to make the spammer's life harder, not ours.

An example to make things clearer.

Given two users, S(p)am and Madara, who are neighbours, and share the same IP address (because Sam is a useless leech that lives with his parents at the age of 30, and feeds off my Internet connection).

  • Sam posts a spammy question.
  • Sam gets noticed by a moderator, and gets hellbanned.
  • Sam is happy because his spam wasn't deleted quickly, and keeps posting more and more invisible spam.
  • Madara wants to visit Otack Sverflow for the first time, he's able to see Sam's spam.
  • Madara registers for a new account, and Sam's spam vanishes from his sights.

In this example, Sam is the user under hellban, Madara does not get hellbanned, but as an anonymous user, he can see Sam's posts.

Improve this question
13
  • 4
    How do you know the recent (or rather, current) spam is being done by humans?
    – a cat
    Commented Aug 17, 2013 at 13:40
  • @theentirepopulationofCuba: When we made a tweak to the spam filters, they very quickly adapted.
    – Madara's Ghost
    Commented Aug 17, 2013 at 13:42
  • 2
    The problem is, we already know these spammers are using IP proxies. Since there are a limited number of IP addresses, they're obviously stealing someone's legitimate IP address to post their spam. When we start hell-banning spammers, and they switch IP addresses to get around the ban, we just leave behind collateral damage. What happens when that IP address gets re-allocated to someone else who wants to legitimately use the site?
    – Cody Gray - on strike
    Commented Aug 17, 2013 at 13:46
  • 2
    @CodyGray: You don't hellban the IP address, you hellban the user. People from that IP address can only see the hellbanned user's posts. You don't shun messages from them as well.
    – Madara's Ghost
    Commented Aug 17, 2013 at 13:47
  • Can you add a timeout? Something like "no evil posts in 3 months, perhaps the IP has been reassigned / might be trustworthy again"?
    – Dan Pichelman
    Commented Aug 17, 2013 at 13:48
  • 2
    If implemented, then this also needs some manual queue I guess, to validate that it's indeed spam. Note that no other flags will be raised anymore if other users don't get to see the spam any longer.
    – Arjan
    Commented Aug 17, 2013 at 13:50
  • I've added an example. The IP itself isn't banned, but people from the same IP can see the spammer's messages. That's to delay the spammer further in case he logs out to see if his messages are still there, since no one is answering.
    – Madara's Ghost
    Commented Aug 17, 2013 at 13:52
  • @Arjan: That's correct. It might be possible to implement some sort of voting system for mods (i.e. takes 3 hellban votes from moderators to hellban a user).
    – Madara's Ghost
    Commented Aug 17, 2013 at 13:53
  • @MadaraUchiha That would rarely (if ever) happen on small sites. Some mods may log in once every 4-5 days or less. By that time, the spammer would anyways be handled.
    – asheeshr
    Commented Aug 17, 2013 at 14:03
  • @AsheeshR: I don't find that likely. Mods are usually lurkers. I know that at least on most sites, there's mod activity every day. Sites that don't have mod activity at least once every 2-3 days should get new mods.
    – Madara's Ghost
    Commented Aug 17, 2013 at 14:05
  • I meant on sites having teams of three, one of the mods may be logging in infrequently, not all three :)
    – asheeshr
    Commented Aug 17, 2013 at 14:11
  • As for "When we made a tweak to the spam filters, they very quickly adapted" — if you're referring to blacklisting words, special characters or URLs, then I guess you and I would also implement a spam bot to switch to different texts and URLs as soon as something gets blocked? But maybe the filters are different.
    – Arjan
    Commented Aug 17, 2013 at 14:11
  • 4
    SPAM! (╯°□°)╯︵ ┻━┻
    – animuson StaffMod
    Commented Aug 18, 2013 at 6:17

2 Answers 2

Reset to default
25

Let's think about the worst that could happen if an 'innocent' account got caught up in this, which I don't think would happen very often, but it could. Remember, we have over 100 sites, each one has at least 3 moderators.

  • They'd see a lot of junk associated with their account
  • They'd waste time writing contributions that no one would ever see

I'd much rather just not accept content from a host associated with N accounts being destroyed recently for spam unless it's a logged in user with more than 20 rep, or a verified email address. I'd rather someone caught in a false positive see this:

Sorry, we can't accept any more posts from your network today due to chronic spam or abuse. If you're an established user, please simply log in to lift this restriction.

... and be informed by support that:

If you have less than 20 reputation, you can verify your email address by (instructions) in order to lift the restriction

... after demonstrating that they're obviously human, rather than risking them wasting their time writing answers that will never help anyone, or questions that are never really asked.

That's what we have to consider here, cases when we're wrong, and that's why I don't like hellbans. The system should be keeping this stuff out automatically for the most part, and I think we need to continue to strive in that direction. I do not want hellbans implemented at any level in the system, and if it ever got to the point that scale just demanded that we have them, I don't want human beings tasked with pulling that lever. It's just too easy to want to pull it as a solution for other problems.

Remember, we now keep track of why accounts get destroyed, and there's talk about two keys needing turned to be able to clean up spam network wide. As soon as data agrees that one of several implementations to keep this crap severely at bay will work, then I'm more than certain that we'll start moving in that direction.

Improve this answer
7
  • 2
    What if the hellbanning only kicked in after the user had received at least N spam flags (in addition to the automated tracking showing “likely spammer”)? So that all hellbans would result in at least one human saying “this guy is a spammer”.
    – Gilles 'SO- stop being evil'
    Commented Aug 17, 2013 at 14:13
  • Remember that the point is for the spammer to waste time. If you give him a pretty message like that, he'd just create a new account. And when he'd find his host is blocked, he's just go proxy and open a new account. We want spamming to be as time consuming as possible for the spammer, and as little as possible for us.
    – Madara's Ghost
    Commented Aug 17, 2013 at 14:13
  • 7
    I just don't see it as a fix, why are we letting some fool just put crap in our database when an algorithm that can see all sites could simply refuse to accept it? It just seems completely sub optimal to do that.
    – user50049
    Commented Aug 17, 2013 at 14:15
  • @TimPost: You can just as easy clear hellbanned posts every N days. The hellban is only good as long the user thinks he isn't banned.
    – Madara's Ghost
    Commented Aug 17, 2013 at 14:19
  • @TimPost You're pointing out that the algorithm can be wrong. Which is why I don't propose that this kicks in based on an algorithmic decision, but based on an algorithmic decision plus human intervention. And even if there's no hellban, at least reduce the number of flags required to delete posts that are recognized at likely to be spam based on IP and content.
    – Gilles 'SO- stop being evil'
    Commented Aug 17, 2013 at 14:25
  • 1
    This may be drifting towards Better tools to handle spam on low-traffic sites and Drop spam flag lock action limit from 6 flags to 4, but I do think hellbanning would slow the spammer down.
    – Gilles 'SO- stop being evil'
    Commented Aug 17, 2013 at 14:26
  • 1
    @Gilles Hell banning gets tricky when you have someone that does it in answers, each time creating a cookie based account. Then you're getting into hell banning an IP that thousands of people might be using, depending on location. That's .. not something we're really comfortable with, I'd rather outright reject posts than let affected but 'innocent' folks think people are just ignoring them - at least they'd know, and there would be recourse at the user support level (by contacting us).
    – user50049
    Commented Sep 16, 2013 at 14:11
4

It will work only against amateur spam kittens, as well as for occasional crap posters, who will annoy someone with their crap hardly enough to make their crap spam-flagged.

It's very easy to check if you're hellbanned or not, even with the IP-based site spoofing. You can just check google cache to see if your content is visible or not. In case of SE, the content gets to the google cache so quickly, that only the complete greenhorn would not notice...

Hellbanning is the last resort to be used, when you have no other control over the content that get published and reaches your eyes. Many users use that in chats or Usenet, where the mods are failing to deal with spam, but it's simply not enough to prevent contemporary professional hardcore spammers.

Improve this answer
4
  • 2
    Now the hardest question ever: is Baba a spam kitten, or a hardcore spammer?
    – John Dvorak
    Commented Apr 29, 2014 at 7:54
  • 2
    True, but the point is, it will take the spammers time to realise they need a new account, rather than it would take our moderators time to destroy them time and again.
    – Madara's Ghost
    Commented Apr 29, 2014 at 8:14
  • 1
    As another example, most captchas a very trivially broken with a simple OCR. However, even the most trivial captcha ("What's thirty three plus nine?"), is enough to deter the absolute most of spammers. Why? Not because it's hard, because it's not worth the time.
    – Madara's Ghost
    Commented Apr 29, 2014 at 8:15
  • However, this is a bit irrelevant nowadays. We have
    – Madara's Ghost
    Commented Apr 29, 2014 at 8:37

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .