Oscailt - Sword of the anti-spammer

One of the biggest problem that indymedia administrators have always had has been managing the newswire to keep it free of abusive content and spam. A handful of committed abusers can tie up almost endless amounts of the time of imc admins which could be used in much more productive ways. Constantly monitoring the newswire and comments section for abusers is also particularly stressful and not good for mental health in general. Oscailt has been developed by the indymedia Ireland technical team and we are responsible for what is almost certainly the busiest comments section in the network - with all the problems that brings with it. Therefore, we have put a huge amount of effort into providing anti-spam capabilities in oscailt 3. Spammers are going to be very disappointed indeed.

The seven circles of oscailt

That's right. Oscailt 3.0 offers seven independent layers of anti-abuse defence, none of which are perfect but which add up to a truly formidable armoury for the administrator.

Layer One: Publishing Tickets

Every publish form in oscailt can be configured to include a ticket publishing mechanism. Essentially what this means is that users must wait a certain (configurable) period of time between publishing comments and stories. The minimum time span can be set differently for comments and stories, so for example you can configure oscailt so that each user can only publish comments every 5 minutes and stories every 30 minutes. This prevents users from spamming with back and reload too as they must get a new ticket by going back to the original page before publishing.

Layer Two: Lockable Stories

It frequently happens that certain stories will be particularly targetted for abuse. In Ireland, we find that anti-racist articles are systematically targetted by net-nazis. Oscailt 3 allows administrators to lock particular articles so that no further comments are accepted by non-administrators. This can give you the breathing space to weather a storm of spam.

Layer Three: One-click newswire cleaning

We frequently find that certain threads become deluged with abusive comments before moderators can intervene and until now each comment or story required a separate click to hide. Oscailt 3 allows moderators to hide as many comments on a story, or as many articles on a newswire as they like with a single click. Spend a few hours spamming an imc and see all your work vanish in a single click - that's demoralising.

Layer Four: Restrictions on open publishing

In particularly heavy spam attacks, oscailt 3 allows you to turn off open publishing of comments and/or stories on each publish form on your site. This means that articles and comments won't appear on the newswire until they are approved by the moderator and the spammers' offerings will never see the light of day.

Layer Five: Redirecting banned referrers

Many of the abusive users of indymedia often come from particular sites on the internet and follow links from there. For example, in Ireland, there is a very close correlation between abuse on threads and links to our site appearing on right-wing sites. Oscailt 3.0 allows you to ban any direct links from sites that are persistent abusers (eg snivelfront). Web browsers who follow links from these sites will find themselves redirected to the site of your choice - whether that's inter-racial-gay-sex-with-priests.com or fluffybunnies.net, the choice is yours! To enable this fill in the domain of the banned referrer in the Admin.php/editconfiguration screen.

Layer Six: Real-time monitoring of IP addresses of publishers and instant publish bans.

This is perhaps the biggest gun available to the oscailt administrator. Normally IMC codebases don't collect or rely upon IP addresses at all for privacy and security reasons - and neither does oscailt! Oscailt manages to do this by providing a real-time IP monitor facility which only collects the IP addresses of the last few publishers to the site. Most of the time, this feature should be disabled and when it is disabled, it purges all IP addresses from the system. When you encounter an abusive user, you can discreetly enable this feature and use the monitor to view the IP addresses of only the people who publish to the site. When the abuser next publishes, you can simply click on his IP address and select the length of ban that you want to give him. Any and all access to publish forms and contact forms on your site from that IP address will then be banned until the time limit is up. They will still be able to view all your content normally but will be completely prevented from publishing - poetic justice.

This means that, in normal operation, the only IP address information that oscailt retains is the list of banned IP addresses. There is an old anarchist saying that "your right to swing a fist ends where my nose begins". With oscailt, this saying becomes "your right to privacy ends where your abuse begins to threaten my site's survival." Even when IP monitoring is enabled, only the last few (number configurable) IP addresses are retained in a cache file and older entries are automatically deleted as new stories and comments are published. This means that, if some authority or other was to seek to access your IP records, the ones that they are interested in should invariably be completely and eternally deleted from the system long before they can serve any injunctions. Whatsmore, since most of the time the monitor should not be enabled, they will have no way of knowing whether there was ever a record of the posting that they are interested in. Finally, whenever you turn off the monitor, all the cached IP addresses are purged. Safer. Stronger. More secure. A nightmare for abusers.

Layer Seven: Complete banning and redirection of all traffic from certain IP addresses.

In the case of automated DoS attacks and other such serious attacks, it can be a good idea to simply redirect any and all requests from certain IP addresses. Oscailt allows you to specify IP addresses which will be immediately redirected to other addresses on the web.

-- ChekovFeeney - 14 Aug 2005