This site is a static archive of the Aegir community site. Documentation has moved to Other community resources can be found on the Contacting the community page.
Skip navigation

Despamming best practices?


Despamming best practices?

Referenced Page: 
Despamming guide

The Aegir community has always seen among the best Drupal experts in the community so let me be lazy and ask you people: what techniques would you use to keep a community website like this one free of spam?

We are currently using the Honeypot and Mollom modules, but as you may have seen recently here (~7000 spam nodes created after christmas), this is not always enough. After reporting pages and pages of spam to Mollom, we (me and Helmo) have worked on a neat little view to massively (using the Batch API and VBO) remove spammy content from the website. The view is attached for your perusal.

But that view only cleans up after the damage has been done: how do you keep spam from your public website with minimal pain from the user? seems to use http:BL, what else do they use?

Exercise to the reader: make a view that will list and destroy users and their profiles at once. One way to go around it would be to list the user and its history (number of posts, latest posts, registration date and last activity). Also fix the node view so it deletes the user and its profiles once it's done removing the content.

Comment here or expand our despamming guide and thank you lazyweb!

node-spam-view.txt12.37 KB


To my best knowledge the only working protection these days is to just not allow to self-register active accounts. We host enough Drupal site to find out that only drastic default settings we use in BOA help:

I would prefer to get tired reviewing new accounts registrations than watching for and fighting with removing the crap spammers may add very quickly.

Need help?


The discussion area lets your team communicate by posting updates and discussing issues. It is a great place for sharing progress, discussing challenges, and exploring ideas.