From a hackernews thread on dealing with spammers on your platform:

… one of the most effective ways of dealing with spammers is to “shadowban” them. Allow them to use your service, but don’t indicate to them that you’ve identified them as malicious. For instance, when dealing with chat spammers, allow them to chat, but do not show their chats to other users. Another level would be to allow them to chat, but only show their chat to other shadowbanned users. … If the malicious actor doesn’t know they’ve been marked as malicious, they do not know they need to change their behavior.

The second most effective thing is making the malicious actor use some sort of resource. Such as a payment or a time commitment (eg new accounts can only create 1 link a day), or some other source of friction. The idea is that for legitimate users the friction is acceptably low, but for consistent spammers the cost becomes too high.

The 3rd thing I’ve found effective is that lots of spam comes from robots, or perhaps robots farming tasks to humans. If you can determine how the traffic is coming in and then filter that traffic effectively without indicating failure, robots can happily spam away and you can happily filter away.


Comment? Reply via Email, Mastodon or Twitter.