5 New Features Revealed for vbulletin 4.0.0 GOLD! (Suggetions)

Not too far from the realm of possibility. Gmail does that with its themes... it's kinda neat, actually.

You could probably do that relatively easily.

Setup two variables via a global hook plugin:

• one that takes the time into effect (morning, day, night)
• one that takes the weather into effect (clear, rainy, snowy, etc)

Then you could just load a layout css document called theme_$time_$weather.css -- things could then change as time goes on.

Of course, you could probably get very in depth with it and use some image functions to make a vivid and more precise version, but that is just a simple way of doing it.

Oh, I know of how to do it. I was talking from an "in general" perspective.

The most powerful Features any forum should have is stop spam.

what date is 4.0 coming out ?

You will never stop spam 100% of the time. There is almost always one that trickles through for one reason or another. vBulletin's tools allow you to lessen that from happening.

No one knows.

When it's ready

I have expressed myself regarding this topic a few times internally. So I think they can look into this when they have the time. The focus is fully on version 4 development at the moment. I am not sure if there's time to include anti spam feature - improvements.

It's almost not worth bothering. By the time you build it into vB, the spammers are already two steps ahead with new tactics to get past your traps.

I fought this for years with e-mail. At one point, with two dozen domains on my one account, I was getting 90,000+ mails per day, and I'd say maybe only 50 to 100 were legitimate for all the domains (not all of them used e-mail).

I first played with procmail recipies. At first I was dumping all mail with BCC:, as the majority of spam came that way. I then started to ban individual sender e-mail addresses, but that didn't work after a few months. Pattern matching came next, but how many ways can you (mis)spell "V1agra"? Then we try using DNS blacklists...but even that doesn't catch everything. On top of it, our host used "Greylisting" to catch some spam, which works to an extent, but a lot still gets through. (Don't get me wrong, any reduction in volume is appreciated.)

Know what worked? Gmail. I noticed on my Gmail account, which I'd had almost since the day it launched, that I got little if any spam. That still holds true today, believe it or not. I've had some false positives over the past couple of days, but for months, I would get maybe three or four false positives per month. Incoming spam? I'm lucky if I get one spam message in my inbox every week or two. Some days, I'll get a couple, but I'll report them as spam, and things settle down again. I have no clue what they're using (maybe the trained pigeons? ), but it works. I now have a system where I "wash" my mail through a Gmail account before retrieving it by POP or IMAP. (Basically, Gmail checks my own mail servers, then I pull mail from Gmail rather than my mail servers directly.) It delays things a bit, but to be mostly free of spam is quite nice.

Sorry to ramble on! But having fought spam for so long, I believe it's something we'll never be able to stop, and will waste countles hours trying to outthink them. For BBS systems like vB and others, we have visual confirmation and challenge/response systems to stop the 'bots from registering, but that won't stop spammers from paying a few pennies to someone in a third world country to register at forums by hand, and to copy and paste junk posts when they do get in.

If vB ever does find the answer to spam, I'd be all over it like cheap cologne. I'd just say to do the best you can to help curtail it, but don't ever count on eliminating it completely.

Of course it is a constant battle. The owners of these spam programs make thousands of dollars, hiring professional coders to constantly work on OCR techniques and build databases with aggregated data etc, .. is just a tiny bit of investment for the return they get. What's spending $500 to $1500 on this program, if your spam returns you thousands and thousands of dollars. The board owner spends $0 a day to fight spam. So the spammers will eventually become successful again.

That said, I do hope vBulletin and Akismet and reCAPTCHA keep on top of things. Because it's rediculous how hard it is for newbies to register on a site, where more than 50% of the registration form is to fight spam. And nothing is userfriendly anymore.

I agree. The more security mesures that are present at registration it is more work for the legitmate user to register. It brings an unwelcomed atmosphere.

Although, I do believe registration can be reduced to one page with COPP *age verification* field after username, email, and password. Then having a checkbox and be hotlinked in a text saying next to the checkbox, "I Agree to the User Agreement" just before the submit button.

How to prevent spam?
Check newbie posts (up until X posts) for links.
If link in whitelist - go through.
If link not in whitelist - go block.
If user tries to post with not-whitelist-link more than X times - go ban.

Same can apply to keywords.
The good thing about this is: we can maintain a rather huge keyword database ourselves. We can maintain a whitelist database ourselves.
We can set X posts for newbies. Some might want to make it 1 posts, others make it 10 posts.

I know this might not totally fight off spam. Spammers might involve themselves in order to break through the X posts limit.
But honestly, do you think a spammer would do it? Especially if you keep it a secret how many posts are needed not to be checked against the whitelist.

This is not an official suggestion, merely a reply to the posts above. I have suggested this a couple of times before and really hope to see this implemented in vB4.

I get about 2000 emails a day on gmail. The only thing I use that account for is newsletters from a few websites. Can't even use pop3 to check it because the spam is overwhelming. On their site, most of it ends up in the junk mail folder but not all of it. Unfortunately, I don't like web mail and their simplistic interface drives me so crazy that I rarely check those newsletters anymore.

My MSN account gets 2-3 spam messages a day. Its my primary account and works well with a pop3 client which filters out the junk.

What really gets me is how low the response ratio is. A few years ago, I'd read that if spam gets a 0.1 to 0.2% response rate, it is considered successful. Below 0.1%, they go back to tuning their system to get it back up. It seems like a low percentage, but out of a million spams, that's 1,000 to 2,000 responses. As cheap as spam is to send, it's a pretty good return. It just makes you think about the general public though...would YOU buy anything from some unknown company that just popped up in your inbox? I certainly wouldn't! Especially since I had my credit card info stolen about five years ago...I'm wary of who I give my card info to.

If I could have charged for all of my spam-fighting work over the years, I could have retired to a remote island by now. I keep thinking of the hundreds of wasted hours I've spent fighting spammers, either keeping them out, or dealing with what they've spent.

One thing that has worked really well in the several phpBB forums I'm an admin for is a little "VIP Code" modification I made. I was even able to disable the visual confirmation, it works so well. What you do is put a code on your site somewhere, and it can even be all numbers. (Something like, "Please visit our home page to locate the VIP code.") When the person registers, they need to find that code and type it into the entry form. I've had this in place for a couple of years now, and my bot registrations have dropped to zero. We still get the occasional human spammer sign up, but we only get one every few weeks now. (And I've had not one e-mail asking for help using the system.) Before I did this, we were seeing a dozen or more bot registrations daily. This was after a few years of trying every other registration trick under the sun, and seeing phpBB's own poor visual confirmation system bypassed within a matter of days.

On our largest vB forum, we have the NoSpam! product installed, and since we rotate questions and answers, the only spammers we get now are, again, human spammers. The bots have pretty much stopped bugging us now.

Just yesterday, I had to go through more than a half dozen Wordpress installations I'd done since older versions were getting hacked into. Spammers figured out a flaw where they could inject several dozen links into existing posts, hidden within a set of <u style=display:none> tags. To the naked eye your posts looked OK, but when going to edit, you'd see a mess of links tacked on to the end of your post.

What is going on here! OMG! This thread is actually alive!

Woohooo!