Date   

locked Re: Proposal: All groups must be moderated or new user moderated

Joseph Hudson <jhud7789@...>
 

Hi Jonathan, as our group is slowly building up traffic, I weighed hate to have to do this. As I run multiple different groups on multiple platforms myself./I would also like to keep everything easier for my other owner/moderators. As to them are in school. And our group, is very smoothly ran. We may not get many postings, but would like the Group to stay Open as far is inside and membership goes. So pretty much, once we have let you in the door we are trusting dad these users will keep a very close eye on their email accounts and let us know, if something does happen dinner we will take action.

On Oct 5, 2016, at 12:52 PM, toki <toki.kantoor@...> wrote:

On 05/10/2016 17:26, Joseph Hudson wrote:

Hi Mark, I say instead of moderating all groups, just make it to where all groups require subscription approval from an owner/moderator.

For some types of lists, such as those for PR purposes, requiring
subscription approval can be counter-productive.

Easier on people who have lots of traffic coming to their groups and
so they don't have to sit here constantly approving messages

That is why you put users you trust on unmoderated status. Or simply
default to moderation for new users only.

jonathon





locked Re: Proposal: All groups must be moderated or new user moderated

toki
 

On 05/10/2016 17:26, Joseph Hudson wrote:

Hi Mark, I say instead of moderating all groups, just make it to where all groups require subscription approval from an owner/moderator.
For some types of lists, such as those for PR purposes, requiring
subscription approval can be counter-productive.

Easier on people who have lots of traffic coming to their groups and
so they don't have to sit here constantly approving messages

That is why you put users you trust on unmoderated status. Or simply
default to moderation for new users only.

jonathon


locked Re: Proposal: All groups must be moderated or new user moderated

Joseph Hudson <jhud7789@...>
 

Hi Mark, I say instead of moderating all groups, just make it to where all groups require subscription approval from an owner/moderator. This will make it easier on people who have lots of traffic coming to their groups and so they don't have to sit here constantly approving messages from each individual member.

On Oct 4, 2016, at 10:51 PM, Mark Fletcher <markf@corp.groups.io> wrote:

Hi All,

One of the things I'm seeing with the spammer is that they'll subscribe to an existing group and post their spam. If a group is moderated or has NuM set, the group members never see the spam and it's not a problem (and no incentive for the spammer to continue). But for open groups, it's not a good experience for anyone involved. So I propose to make it so that all groups must be either moderated or have new users be moderated.  I have not yet thought through whether this should apply to sub-groups as well. But I wanted to get everyone's take on this proposal first. Is there a good reason to allow open groups at all?

Thanks,
Mark


locked Re: Proposal: All groups must be moderated or new user moderated

 

On Wed, Oct 5, 2016 at 6:58 AM, Jeff Powell <jrpstonecarver@...> wrote:

That said, we are a restricted group. Users have to prove they are human to get in, which helps with the spam issue a lot.

So, are we really talking about making all groups be Moderated or NuM? I hope I've just misunderstood the terminology involved.

For the record, I have no issue with not allowing Open groups as defined above. In the modern internet they aren't much better - and possibly much worse than - the comment sections at any news site. Getting rid of that option is just fine in my mind. But let's not throw out un-moderated groups as well. That's not a good idea.


You make a good point. How about I modify the proposal: All (parent) groups must either be restricted or set to moderated or NuM (or some combination thereof). In each case there's at least one approval step before a member can post.

Thanks,
Mark


locked Re: Proposal: All groups must be moderated or new user moderated

Steph Mathews <smathews@...>
 

I have my groups listed in the directory except for one.  Because it's one for the bible study group at my church.
 
But for my Christian discussion groups I currently have them set where we approve the new members and we have a pending membership application in place with our group guidelines on top.  Then once someone that we allowed into the group is in, we have them on moderated status till we are certain that they are trusted.  I hope that this helps.  Steph

Sent: Tuesday, October 04, 2016 10:51 PM
Subject: [beta] Proposal: All groups must be moderated or new user moderated

Hi All,

One of the things I'm seeing with the spammer is that they'll subscribe to an existing group and post their spam. If a group is moderated or has NuM set, the group members never see the spam and it's not a problem (and no incentive for the spammer to continue). But for open groups, it's not a good experience for anyone involved. So I propose to make it so that all groups must be either moderated or have new users be moderated.  I have not yet thought through whether this should apply to sub-groups as well. But I wanted to get everyone's take on this proposal first. Is there a good reason to allow open groups at all?

Thanks,
Mark


locked Re: Proposal: All groups must be moderated or new user moderated

 

I'd absolutely have no problem with it, and it's how I run my groups anyway, specifically to avoid spammers.

Everett


locked Re: Proposal: All groups must be moderated or new user moderated

Jeff Powell <jrpstonecarver@...>
 

I need to sanity check the lingo here, please, and then ask a question, because as stated this proposal confuses me. I thought:

  • "Moderated" meant all posts have to be approved by a moderator. The opposite - that members can post messages without moderation is called "Un-moderated", right?
  • "NuM" means New User Moderated (right?) in which all new users have some undetermined period of time during which the group's moderators have to approve their posts before they go out
  • "Restricted" means that users must be approved by the moderators before being allowed to join the group
  • "Open" means that a group accepts new users with no vetting process; sign up, you're in. No human approval involved

If I have all of that right, is the proposal really to require all groups be "moderated" (or have NuM set), or did you mean "restricted"?

This matters a lot to me.

Our neighborhood list moves a LOT of email, quite a bit of it is timely in nature. A requirement that moderators must approve every message would be awful, and would - in fact - cause us to go looking for some other provider (again).  NuM is better, but not critical in my mind given our past experience. (We rarely had new users cause issues in Y!G, and so far it hasn't been an issue here either, even with over 200 new members in the last week thanks to the nearby wildland fire.)

That said, we are a restricted group. Users have to prove they are human to get in, which helps with the spam issue a lot.

So, are we really talking about making all groups be Moderated or NuM? I hope I've just misunderstood the terminology involved.

For the record, I have no issue with not allowing Open groups as defined above. In the modern internet they aren't much better - and possibly much worse than - the comment sections at any news site. Getting rid of that option is just fine in my mind. But let's not throw out un-moderated groups as well. That's not a good idea.

--jeffp


On Tue, Oct 4, 2016 at 08:51 pm, Mark Fletcher wrote:

Hi All,

One of the things I'm seeing with the spammer is that they'll subscribe to an existing group and post their spam. If a group is moderated or has NuM set, the group members never see the spam and it's not a problem (and no incentive for the spammer to continue). But for open groups, it's not a good experience for anyone involved. So I propose to make it so that all groups must be either moderated or have new users be moderated.  I have not yet thought through whether this should apply to sub-groups as well. But I wanted to get everyone's take on this proposal first. Is there a good reason to allow open groups at all?

Thanks,
Mark

 


locked Re: Proposal: All groups must be moderated or new user moderated

Maria
 

On Tue, Oct 4, 2016 at 08:51 pm, Mark Fletcher wrote:
So I propose to make it so that all groups must be either moderated or have new users be moderated.  I have not yet thought through whether this should apply to sub-groups as well. But I wanted to get everyone's take on this proposal first. Is there a good reason to allow open groups at all?

We moderate all our groups (prevention of spam being one of the major reasons we do so - even when someone is a legit member their account can be hacked and then it's a snowball effect ( if links are clicked) plus gives appearance of a group that has no oversight which in turn impacts the depth of conversations). That said, it takes a ton of time of our end and impacts immediacy. So it's not for all.

But the idea of someone being moderated when they are new - or the idea of a new member having to earn the privilege of being unmoderated is reasonable to me and in line with what many other forums also do. And forums don't always have a mailing list component - yet they also make you achieve a certain level before you can post links or photos, and similar privileges. Maybe there could be privileges/trust levels that need to be earned here on groups.io before you can post links/photos?

I think it's reasonable to have all newbies moderated by default and that the owner can decide after a set amount of messages when they become unmoderated or leave it to their discretion if not linked to post frequency. Also reasonable would be to have any posts with links and images in them moderated if the member is new or even beyond if that's a control the group finds eases their moderation workload. Most spam depends on links i think (?) so if you quarantine messages with links, and moderate on the basis of content rather than member, that could also be something that might help.

And I think it's worth restating that even though the service is free, creating a group under the good name of groups.io should be a privilege and there needs to be a system in place so it cannot be abused. Because the abuse hurts all us good group owners and participants. ("But he that filches from me my good name. Robs me of that which not enriches him. And makes me poor indeed").

Most of what we use online requires some form of verification. We do so much online these days (shop/communicate/business/official info/school). I think that while some of us are used to not having to provide verification, it's pretty common place to have to do so these days, even if only by virtue of using APPs on your phone bought through your account at the app store. And if you don't provide verification, then on many services there are limits on how you can use the service.

I think that if you need to provide something valid in order to create a basic website from one of those online template places, then you should maybe have to do same (or more) to create a mailing list that allows you to bypass the send quotas of email providers. And  again, maybe it doesn't need to be sensitive info - maybe it's those captcha codes or the code + a verification method, or captcha plus human questions, but something that can stop these people from hurting the service and stealing Mark's valuable time and energy.

I get the concerns that requiring more intense verification could drive business away. Except for that this doesn't seem to be the case with many of the examples we have been looking at for ideas. I'd think that the argument could be made that the quality and reputation of the site would be enhanced which would counteract any downside of more detailed verification methods being required for the privilege of creating a group.

Maria


locked Re: Proposal: All groups must be moderated or new user moderated

 

On Tue, Oct 4, 2016 at 08:51 pm, Mark Fletcher wrote:
So I propose to make it so that all groups must be either moderated or have new users be moderated.  I have not yet thought through whether this should apply to sub-groups as well. But I wanted to get everyone's take on this proposal first. Is there a good reason to allow open groups at all?

 Hi Mark,

My preference would be to allow group moderators to choose to leave their group unmoderated if that is what they want to do. I am a current owner/moderator of several groups here, all of which are currently unmoderated. Two of my groups were hit by a couple of spam messages yesterday, but deleting these messages this morning was not difficult. My experience managing groups on other platforms (Yahoo and Facebook) is that an open group is good for startup and encouragement of timely discussion. I have a fairly large community of participants on Yahoo and Facebook that much prefer open posting privileges and are willing to overlook the occasional spammer as long as spammers are dealt with swiftly.

Roy


locked Re: Proposal: All groups must be moderated or new user moderated

christopher hallsworth <challsworth2@...>
 

There is really, general chat forums for example should not need moderating by default.

On 5 Oct 2016, at 04:51, Mark Fletcher <markf@corp.groups.io> wrote:

Hi All,

One of the things I'm seeing with the spammer is that they'll subscribe to an existing group and post their spam. If a group is moderated or has NuM set, the group members never see the spam and it's not a problem (and no incentive for the spammer to continue). But for open groups, it's not a good experience for anyone involved. So I propose to make it so that all groups must be either moderated or have new users be moderated. I have not yet thought through whether this should apply to sub-groups as well. But I wanted to get everyone's take on this proposal first. Is there a good reason to allow open groups at all?

Thanks,
Mark


locked Re: Proposal: All groups must be moderated or new user moderated

 

On Tue, Oct 4, 2016 at 8:53 PM, Ro <recarlton@...> wrote:

What would the time frame be for taking people off New User Moderated?   as soon as Owner is sure its not a spammer?  any time?  if so, I have no object.  I dont currently moderate either of my groups...

I wouldn't enforce any time frame. It'd either be after the set number of approved messages for NuM (if there is one specified), or by action of the moderator. 

Thanks,
Mark


locked Re: Proposal: All groups must be moderated or new user moderated

Ro
 

What would the time frame be for taking people off New User Moderated?   as soon as Owner is sure its not a spammer?  any time?  if so, I have no object.  I dont currently moderate either of my groups...


Ro

with Sally and Silk waiting at their feed dishes, and Handy, Feliz &  Police Kitty patrolling in the Great Beyond.





From: beta@groups.io <beta@groups.io> on behalf of Mark Fletcher <markf@corp.groups.io>
Sent: Tuesday, October 4, 2016 8:51 PM
To: beta@groups.io
Subject: [beta] Proposal: All groups must be moderated or new user moderated
 
Hi All,

One of the things I'm seeing with the spammer is that they'll subscribe to an existing group and post their spam. If a group is moderated or has NuM set, the group members never see the spam and it's not a problem (and no incentive for the spammer to continue). But for open groups, it's not a good experience for anyone involved. So I propose to make it so that all groups must be either moderated or have new users be moderated.  I have not yet thought through whether this should apply to sub-groups as well. But I wanted to get everyone's take on this proposal first. Is there a good reason to allow open groups at all?

Thanks,
Mark


locked Proposal: All groups must be moderated or new user moderated

 

Hi All,

One of the things I'm seeing with the spammer is that they'll subscribe to an existing group and post their spam. If a group is moderated or has NuM set, the group members never see the spam and it's not a problem (and no incentive for the spammer to continue). But for open groups, it's not a good experience for anyone involved. So I propose to make it so that all groups must be either moderated or have new users be moderated.  I have not yet thought through whether this should apply to sub-groups as well. But I wanted to get everyone's take on this proposal first. Is there a good reason to allow open groups at all?

Thanks,
Mark


locked Re: Spam filter

 

It's quite possible the addresses are all from yahoo.com because they're part of the big Yahoo password compromise, so let's assume the spammer has cracked the passwords of thousands of legitimate, years-old Yahoo accounts.

One thing you can do is use a CAPTCHA to create a group. That would at least put a damper in an automated process creating groups. Blind users won't like it, but you can add an alternate approval method by Groups.io support if the group looks legitimate.

I can think of ideas, but I'm not going to post them here, because you say the spammer is reading this group. Every idea I can think of, I can also think of a way around. If you find patterns to the spam group contents or the method in which they're created, you can try adjusting to those, but the spammer will work to try to get around them.

Some people do not have credit cards, and I would be wary of providing credit information to create a free group. Bad guys probably have lots of stolen credit card information, or could go get a prepaid card and use that.

Look into SpamAssassin if you want spam detection. It's pretty good. Though obviously not perfect.

It sounds like human moderation of newly created groups is the only real way out of this.

JohnF


locked Re: Spam filter

monamouroui
 

On Oct 4, 2016 12:36 PM, "Mark Fletcher" <markf@corp.groups.io> wrote:
>
> On Mon, Oct 3, 2016 at 6:45 PM, Shal Farley <shals2nd@...> wrote:
>>
>>
>> > ... (each using a unique Yahoo email as owner).
>>
>> That's intriguing. Is he using the disposable address feature to create them, and can you automatically detect the hyphenated syntax of disposable Y!mail address for blocking? They would all have the same base name, a hyphen, then a variable part.
>>
>
> He's not using the disposable address feature. They're just plain-jane Yahoo accounts. He clearly has access to as many Y! accounts as he wants.
>
>

Are the addresses hacked or is someone at Yahoo terrorizing you in order to shut you down? Is this something you can report to the FBI or FCC?

Sara


locked Re: Spam filter

 

I agree. You would typically create a slew of them at once. So perhaps make weekly and monthly limits?

Sent from my iPhone

On Oct 4, 2016, at 11:42 AM, toki <toki.kantoor@gmail.com> wrote:

On 04/10/2016 17:18, David P. Dillard wrote:

Hence one new list per week per owner would be adequate as a means of really good control
The issue I see with one list per week, is when creating groups for
similar, but related things.

By way of example:
* Software-program-users: General list, for all users;
* Software-program-developers: List where developers discuss things;
* Software-program-a11y: List discussing a11y requirements, and more
importantly, solutions;
* Software-program-L10n: List discussing localazation and
internationalization issues;
* Software-program-Linux: List specifically for Linux issues/users;
* Software-program-iOS: List specifically for iPhone/iPad/iPod issues/users;
* Software-program-Windows: List specifically for Windows issues/users;
* Software-program-Android: List specifically for Android issues/users;
* Software-program-MacOS-X: List specifically for Mac OS X issues/users;
* Software-program-BSD: List specifically for BSD issues/users;

Or, for organizations:

* Organization-PR: News releases and other positive things about the
organization;
* Organization-BOD: List for the Board of Directors;
* Organization-Stakeholders: List for all stakeholders of the organization;
* Organization-Finance: List discussing the financial affairs of the
organization;
* Organization-Committee1: List for the first committee of the organization;

On the flipside, lists of that type are probably going to have a
sponsoring organization, and as such the owner would probably fall into
either _Groups.IO Premium_, or more likely _Groups.Io Enterprise_.

Maybe include "instant", on-demand list creation as _Groups.Io
Enterprise_ feature.

###

In these examples, I am ignoring HIPPA, S-Ox, and similar legislation,
where email data can't be made public.

jonathon


--
J

Messages are the sole opinion of the author. 

I wish I could shut up, but I can't, and I won't. - Desmond Tutu


locked Re: Spam filter

toki
 

On 04/10/2016 17:18, David P. Dillard wrote:

Hence one new list per week per owner would be adequate as a means of really good control
The issue I see with one list per week, is when creating groups for
similar, but related things.

By way of example:
* Software-program-users: General list, for all users;
* Software-program-developers: List where developers discuss things;
* Software-program-a11y: List discussing a11y requirements, and more
importantly, solutions;
* Software-program-L10n: List discussing localazation and
internationalization issues;
* Software-program-Linux: List specifically for Linux issues/users;
* Software-program-iOS: List specifically for iPhone/iPad/iPod issues/users;
* Software-program-Windows: List specifically for Windows issues/users;
* Software-program-Android: List specifically for Android issues/users;
* Software-program-MacOS-X: List specifically for Mac OS X issues/users;
* Software-program-BSD: List specifically for BSD issues/users;

Or, for organizations:

* Organization-PR: News releases and other positive things about the
organization;
* Organization-BOD: List for the Board of Directors;
* Organization-Stakeholders: List for all stakeholders of the organization;
* Organization-Finance: List discussing the financial affairs of the
organization;
* Organization-Committee1: List for the first committee of the organization;

On the flipside, lists of that type are probably going to have a
sponsoring organization, and as such the owner would probably fall into
either _Groups.IO Premium_, or more likely _Groups.Io Enterprise_.

Maybe include "instant", on-demand list creation as _Groups.Io
Enterprise_ feature.

###

In these examples, I am ignoring HIPPA, S-Ox, and similar legislation,
where email data can't be made public.

jonathon


locked Re: Spam filter

Maria
 

And maybe a control could be added for addition of subgroups within a list in case that's a potential loophole if limits were to be placed and found to be helpful.


locked Re: Spam filter

Maria
 

Totally agree! 

Maria 


locked Re: Spam filter

David P. Dillard
 

I may stand corrected by other list owners, but a discussion group is a lot of work and serious non-spamming owners put lots of hard work into running lists. I, therefore doubt that legitimate lists are a frequent starting activity. Hence one new list per week per owner would be adequite as a means of really good control on this mass list creation activity. The fly in this ointment, however, is that these spammers are probably creating lists under multiple email identities, in which such a restriction is probably of little or no value.





Sincerely,
David Dillard
Temple University
(215) 204 - 4584
jwne@temple.edu

On Tue, 4 Oct 2016, Carol Good wrote:

On Mon, Oct 3, 2016 at 04:25 pm, Mark Fletcher wrote:

Can I firstly say I appreciate how difficult you must find this.

Regardless of ARC, I feel like something needs to be done to address what's
happening right now. The same guy is creating group after group (~50 so far
today; hundreds since this started last week) of spam lists (each using a
unique Yahoo email as owner). I don't want to host this junk and I don't
I'm probably talking out of the top of my head (or another part of my anatomy) but is there some way of restricting group creation based on IP address? It sounds as though some automation is being used if that many groups are being created in such a short space of time. A genuine group owner is highly unlikely to be setting up a) that many groups or b) groups that quickly (even if an owner wants sub-groups, I would think they would create one and go through the set-ups before moving to the next).

If the spammer is restricted to creating one group an hour (say) it would at least put a big dent in their efforts, while a genuine owner probably wouldn't have any problem waiting for an hour, particularly if there's an explanatory message.

Carol


18041 - 18060 of 29104