Miphee wrote:(All this spamming and double (triple) user trolling would go away if active members had to register a phone number to be able to comment. It works just fine on other forums.)
I assume you mean SMS verification. What about those of us who don't
have smartphones?
I'm on Discord, but I've warned my friends that, if I ever happen to trip over an IP address that was used to abuse the service, I'll stop responding without warning because Discord explicitly says that no exceptions will be made to their "one suspicious sign-on, and your account is locked until you SMS verify" policy.
Heck, given how big Discord has become as a communication service, if I had the time to engage in such legal activity, I'd see if the Canadian Human Rights Tribunal would be willing to declare such an artificial dependency on SMS in the country with the highest mobile rates in the developed world to be discrimination against the poor and penalize Discord for it.
(Plus, there
do exist services that are SMS equivalents to disposable e-mail address providers, so you'd be locking out legitimate users like me while spammers wouldn't fear account deletion enough to be fazed by the prospect of using disposable SMS providers to verify.)
The proper solution is to lock something inherent to the spammers' efforts, like posting URLs, behind some kind of reputation-based system, so abandoning/losing an existing account identified as being a source of spam and creating a new one sets them back to square one.
Heck, for my contact forms, the big problem was SEO spam bots, so I got rid of 99% of spam just by disallowing
[/url],
[/link], and
</a> with a plain English message asking users to use bare URLs instead, because the form generates a plaintext e-mail, and also requiring a words-to-URLs ratio of at least 2:1 "because I want at least
some descriptive text on the URLs people submit".
The rest was spam selling things like SEO and paid visitors to me as a webmaster, and I was able to kill 99% of
that by adding some other "check and politely ask for correction" blocks that hit on the properties of their form letter formats which I wouldn't want from a real human either. (eg. e-mail addresses outside the reply-to field in messages submitted with JavaScript disabled, the same URL appearing more than once in the same message, URLs disguised by known URL shorteners, and the word "unsubscribe".
(Identifying characteristics that I legitimately don't want from
anyone sending me a plaintext e-mail, which happen to trip up spammers disproportionately, has become a bit of a game for me, to be honest. I could have easily killed off every spam submission I've seen in the last two years just by disallowing submissions from visitors with " UBrowser/" in their User-Agent string, but I'm trying not to use blacklists and the URL shortener blacklist was bad enough.)