阻止垃圾邮件发送者创建帐户（reCaptcha不能解决问题） [英] Stopping spammers from creating accounts (reCaptcha not doing the trick)

问题描述

您好，我们刚刚在我们的电子邮件系统中注意到了许多尼日利亚垃圾邮件帐户。现在，我们的注册表单中确实有一个reCaptcha，但显然他们是手动或以其他方式绕过它。这似乎是一种半手动的规避措施，因为这些帐户不是批量创建的，而是稳定的数据流，之间只有几分钟的间隔。

Hi we have just noticed a bunch of Nigerian spam accounts in our email system. Now, we do have a reCaptcha in the signup form but apparently they circumvent it, manually or otherwise. It seems like a semi-manual circumvention since the accounts aren't created in bulk but instead as a steady stream with a few minutes in between.

由于大多数垃圾邮件这些帐户是由来自尼日利亚的IP地址创建的，我们刚刚在几个相当宽泛的IP范围内设置了一些简单的IP过滤器，目前看来，该过滤器仍在工作。但是，我们想为这个问题提供一个更永久的解决方案。

Since most of the spam accounts were created by IP addresses from Nigeria, we have just set up some simple IP filters over a couple of pretty broad IP ranges and that seems to be working for now. However we would like to make a more permanent solution to this problem.

我们正在考虑的最合理的改进就是从使用reCaptcha改为使用丹麦语的textcaptcha。这可能会使尼日利亚人难以手动输入答案，因为他将不得不学习丹麦语或在网上搜索答案。但是，我想知道您是否有更好的建议，或者只是其他可以实施的筛选方法。

The most reasonable improvement we are thinking about is to change from using reCaptcha to use a textcaptcha in danish. This might make it hard for a Nigerian to manually enter the answer since he would have to learn Danish or search the web for an answer. However, I would like to know if you have a better suggestion or maybe just alternative or additional screening methods we could implement.

推荐答案

我知道的最好方法是要求通过SMS进行验证。您很容易检测到多次尝试使用相同的电话号码，并且拥有大量支持SMS的电话也相当困难。

The best approach that I know of is requiring verification via SMS. It's very easy for you to detect that the same phone number is being tried more than once, and it's reasonably difficult to have a large number of SMS-capable phones.

这篇关于阻止垃圾邮件发送者创建帐户（reCaptcha不能解决问题）的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！