Call For Feedback: My New Guest Idea

[johnnygoodman]

Howdy,

The spam problem is well in hand. We've got to deal with spam via registration, but that is easy to do, we just have to get Theo free long enough to knock it out.

Guests are a harder problem. I've got an idea I'd like feedback on. I think:

#1 Guests should be able to post direct, no signup, no annoying image verification.

#2 If the IP address the guest posts from matches the IP address of any registered user, it will output below the post.

Pro: This would cut down majorly on evil guest posts and increase the quality of discussion through accountability.

Con: IP addresses are dynamic things. Just because an IP resolves to a registered user does 100% mean that registered user posted it. It could cause some drama.

Thoughts?

Johnny

[Amigo]

Thanks, Johnny, for continuing to keep this Forum open to our registration reticent Guests while trying to address the annoyance of "petty" posters.

However, despite your good intentions, I vote "No" to posting IP addresses for just the reason you mentioned. These addresses are very often "dynamic" rather than "static," and posting them could create a maelstrom of conflict.

[SteveoKahuna]

I'll chime in....

I don't think the image number verification is too onerous a requirement. It certainly keeps the 'bots from posting.

Kahuna

[fujiinator]

I am thinking that what Johnygoodman meant about an IP matching a registered users is that it would show the registered users name not their IP address. Yes, there can be some danger if a spammer is able to spoof a registered users IP address. I am not sure about that feature.

To be honest I have been looking in on and off for the past few weeks and have not seen much spam at all. The honor system of registered users being able to cache a suspected spam message seems to have had a profound effect.

I am not sure if it would be possible, but can it be setup so that on the first post of a guest that the image verification would show up and then if the cookie is allowed on their machine it would be good for that day only? Registered users would not have to go through this requirement unless it is an all or nothing situtation.

[CollegeGirl]

Johnny, I like your intentions of promoting accountability - however, as you say, there is too much potential for drama. Don't we have enough drama around here already? The potential for error is there - and even if the two IPs matched, the person could say "It wasn't me!" and we'd have no way to know for sure. There'd always be that chance that it wasn't the case.

We know that snarky guest posts should be taken for what they are - the immature postings of cowards who don't know how to take responsibility for their own actions. Thus, they should just be ignored.

What concerns me as well is the elmination of Guest posts that actually add something to the conversation or provide information. We get some of those, too, and I'd hate to see those go away.

[CollegeGirl]

Oooh, plus...

If a registered user gets logged out and accidentally "gets guested," (which we see happen umpteen times per thread), then his/her IP is up there for the world to see! NOT a safe thing, IMHO.

[Ric]

I agree with Steveo, the image number thing is not as annoying as you suppose. A very small hurdle for any human who has already answered several questions in the registration sequence. The number images are actually the FUN part! Why the reticence?

As for IP exposure, the thought is interesting. The way around that is simple, myself for example, I can always switch to my dial-up connection which uses dynamic IPs, and would NEVER show my DSL static IP. Anyone determined to post anonymously can do so anyway. And the learning curve will be very short.

Another problem with IP identification is that for corporate users the gateway IP is all that is exposed, everyone behind a corporate firewall will look like the same person, with a static IP. I have written web applications that do traceroute IP resolution, and have been alarmed to find transactions that appear to have been sent by.... ME! even though the packets can originate anywhere in the world. (The transaction messages contain other information that can be resolved, fortunately). I know of at least a half-dozen CPAP users in my own OFFICE! And I would not want to take credit (or blame) for anything they might say, nor they I. If a customer at a remote site used my application server to chat on a forum, I'm pretty sure we would all appear to share the same IP, or a small handful of IPs. The occasional misidentification would be confusing at best, and eventually somebody will be hurt or angry at being publicly misidentified. (or even CORRECTLY identified).

Is this a plan to deal with SPAM? or is it intended to deal with anonymous guest posting? The latter doesn't bother me at all. In fact if that is what it takes to disinhibit some people, I say fine. Some guests give good advice. And some are truly ashamed of their message, so be it. If it isn't spam or abusive or otherwise "over-the-line", the anonymous DMEs don't bother me either.

If any use is to be made of IP identification, I would suggest go after the repeat offenders of SPAMMIFICATION. In tracing some of the websites on the memberlist, the majority of them show a consistent range of IPs. That would be a good place to start.

-Ric

[bdp522]

I think guest posting should be allowed to stay. Now that we have a delete button I have no problem just hitting the button when I find spam...AND how nice is it that the forum admin gives us the ability(and trust) to ZAP spammers.

[dsm]

Johnny,

The intention is good. Am not sure the desired result will be achieved.

People can easily use different computers to connect with, also as Ric says, at certain points some users may appear to be the same user when they are behind a corporate or other type of firewall, perhaps when belonging to some ISPs (some use fancy ways of managing non-internet user allocated ip addresses withing their domains to map to realworld ip addresses outside their domain).

Re the graphics image numbering, a great idea (Ric's points are good ones).

DSM

# corrected the unintended gobbeldygook

[-SWS]

How about a friendly "Your IP address has been recorded as xxx.xxx.xxx.xxx" type reminder to each guest as they submit their post? The whole world doesn't get to see their IP address, yet it gives potentially nasty guest posters a friendly reminder that cpaptalk.com is very aware of IP numbers.

Sometimes little reminders can go a far way...

[Snoredog]

I think you are wasting you time... The spammers already have accounts, hundreds of them, they are not real hard to spot either

Go to Member List
Select Sort by Name, click Asending...

They are not to hard to spot they resemble:

xykrf.... (all just random characters)
.:[xxxxx]:. (there are hundreds of these)

Some even identify themselves with kiev and moscow in the description field.

First thing I'd do is ban those russian domain IPs, then delete the accounts and the account "setup" should be the one that requires visual verification so that you don't have bots creating the accounts.

In the past few days, I could see them posting it, I would go to Delete it and it would take me to the confirmation screen, when I pushed Yes button on the left to delete it, it would instead just log me out and tell me I have to be logged in before I can delete the post, so I just left it. So they have more control over this board than you realize.

As for tracking IP addresses, that is also a waste of time, due to the shortage of IP addresses Internic has been taking back subnets from customers with class C subnets, this forces them to apply private IP addresses behind a firewalls, then if a DSL or cable the IP may change several times per day. Then if they are using VPN your in a swim lane and it becomes even harder to track. Dial up generates a new IP with every call even the MAC address is sometimes hidden. I mean what are you going to do ban AOL or Earthlink or Comcast.

[-SWS]

Could be wrong but I think Johnny is tentatively satisfied with the current spam solution. I think his current proposal aims to find a way to decrease those nasty anonymous posts that include name calling, squabbling, etc. I'm thinking a subtle, human psychology approach just might help with that problem.

[MartiniLover]

Post the IP address, I don't care. In fact sounds like a good idea, if someone is posting and not signing in, it will let you know.

[harikarishimari]

Some even identify themselves with kiev and moscow in the description field. First thing I'd do is ban those russian domain IPs, then delete the accounts and the account "setup" should be the one that requires visual verification so that you don't have bots creating the accounts.

You have fallen for the bait. Don't be fooled, the .ru domain identifier, the kiev, the moscow and those stupid hieroglyphic russian characters are only occasionally mapped to russia. Most traceroute directly to san jose calif, buffalo ny, south korea, or other places. as Ric mentioned, those IPs could be masked out without jeopardizing any "real" guests or members. And some of those IPs are "re-mailing" centers which obliterate the IP history in a packet and are used mostly for advertising, legitimate or otherwise. Those could and should be masked out of the forum. As snoredog mentioned, those are easy to spot. Why not delete them.

And what if I go to my friend's house and use his/her computer, and the IP doesn't match properly. Do you really want to get involved with the "who is staying with who" business? (I admit it would make it more interesting ).

As for the thousands of bogus "registered" member on the list that you mentioned, I think most of those just hope that you will click on their website. That is how they get paid. The rest of them, without websites, and no posts, those could be deleted after maybe 48 hours. Just having a registered account for them is an "asset" that can be used later when they really need it, for posting spam or messages or deleting messages or PM'ing. That is when you hope they dont have an account. As snoredog suggested, that can't be good.

Now I'm confused, is this about guest posting?

-HKS

[NightHawkeye]

#2 If the IP address the guest posts from matches the IP address of any registered user, it will output below the post.

Pro: This would cut down majorly on evil guest posts and increase the quality of discussion through accountability.

It sounds like Johnny is trying to tell us that some of the "evil" Guest posts are provided by registered users.

If Johnny wants to deal with that, then the only solutions I can think of are heavy-handed, and only Johnny can implement them. Personally, I'm not sure it's worth it though. On this forum, discussions seem to be won or lost on the basis of the merits of the arguments presented. Somehow or other, this board has fostered a culture which effectively exposes disingenuous, self-serving and fallacious arguments.

Regards,
Bill (thinking "Guest" postings are not a big deal)