Comments on: Honeypot

By: Zubon

Zubon — Wed, 08 Oct 2008 21:52:13 +0000

I have to agree at this point. SpamMeNot has functioned perfectly for me over the past week, and it has had no false positives. Building it in with pre-emptive banning and silencing seems sane.

By: Graktar

Graktar — Wed, 08 Oct 2008 17:18:51 +0000

It would clearly be possible for Mythic to provide a code-based solution to the gold spam problem. The Spam-me-not addon automatically blocks and reports spam e-mails. Mythic could easily adapt that same code to automatically block and ban spammers. Have it coded to instantly suspend the account in question for, say, 3 days. A CSR then reviews the suspension causing mail (Spam-me-not sends a copy of the message) and revokes the suspension for a false positive, or makes a permanent ban for actual spammers.

Yes, there’d be a risk of innocent people being suspended, but it would hopefully be rare and easily reverted.

By: Chas

Chas — Wed, 08 Oct 2008 16:36:18 +0000

Most of them do have scripts. Most log into a cybercafe, download a script, run it until they get caught, then upload their list of sent messages back to the parent server. They might get themselves banned from a dozen games a night. Tomorrow, it’ll be a different location (different IP address) and a user somewhere else will use an account elsewhere to do the same thing.

…And the banning isn’t always costing the gold sellers any money. Some accounts are outright stolen, but many use stolen credit cards (the accounts are alive for a very short time, so the charges aren’t usually contested until they’re already banned) and some challenge the charge after being banned (and win, depending on your country and their consumer protection policies).

By: Ethic

Ethic — Wed, 08 Oct 2008 15:43:50 +0000

I was in a small group last night. All three of us got a gold spam tell from the same spammer at the same time. They must have some script running to send out these tells.

By: Openedge1

Openedge1 — Wed, 08 Oct 2008 15:27:42 +0000

Really… I think you are giving the code for WAR more credit than it needs.
They seem to have simplified so many mechanics (even though the fun for players shows thanks to these simplified mechanics) that they may not have the capability in their code to do what some are suggesting.
Now, maybe as time goes on and they mature the code…it could be possible.
But, it is a baby right now, and baby needs to grow.
And it sounds like baby is spewing out “Gold Tells” like crazy..

Naughty baby!

By: SageSTL

SageSTL — Wed, 08 Oct 2008 04:09:43 +0000

I think that we’re forgetting something critical here. This game is a computer program run through centralized servers. There’s no need for a human to actively monitor at all- all Mythic has to do is flag every tell that includes the gold sites’ URLs (we all know them by now- they should, too). If they want to take an extreme approach, auto-ban them and ask questions later. If an employer can say “hey, we’re watching your e-mail/chat for inappropriate discussion” Mythic sure as heck can put it into their EULA. There is absolutely no reason why this has to continue, and it’s irresponsible of Mythic to force players to actively respond to stop the problem.

By: Chris F

Chris F — Tue, 07 Oct 2008 21:42:41 +0000

I agree with Rog. Honestly, autofilter anything that even remotely resembles a website. Autofilter out any name with a string of 5 constanants. Remove the ability to mass tell. There has to be an easier, automatic way. Send 10 direct tells to 10 different people in under a minute? Lockout the account for an hour. If it happens again, instant ban. Instead of spending $100k in CSR hours per year, spend $50k on a programmer (I hear their are a lot of those looking for work) whose sole job is to set up, and stay on top of, autofilters.

Honeypot would work too, but would be more cumbersome/expensive in the end.

By: Rog

Rog — Tue, 07 Oct 2008 21:21:52 +0000

The thing is, an MMO has full access to both sides, Receiving AND Sending. This would be an email administrators wet dream to stop spam.

There should be absolutely no need whatsoever for honeypots, player reporting or any other of the usual anti-spam measures. It should barely require any human-interaction at all. They could simply throttle mass-sendings. If the spammers take a modular approach with many accounts, they could respond with word analysis and filters, with strong leanings towards sniffing for URLs. Even if spammers hacked their protocols, they still have access to in / out on their own MMO servers.

Frankly it’s child’s play compared to what ISPs or mail servers face. In-game spam is much easier to stop than the gold farming activities themselves, so when I see them letting this junk through, all I can think of is they’re using players as manpower to try to track the culprits, because if they put their mind to it, they could stop the spam.

Spam shouldn’t be happening in any MMO, period.