Too much spam in forums lately

Hi,

I'm the administrator of the forums at http://forum.thymeleaf.org, and I've been recently seeing a lot of spam messages which I have to manually delete.

Only registered users can post to these forums, and the users the spam come from all have an @outlook.com email address. Most of the messages are shoe-related spam. All of the spammer users are purpose-created (none of them is a normal user who accidentaly posts a spam message).

Until now, spam level was low... but I'm seeing a lot of it lately. For example: 10 messages since yesterday, by 2 different users... that's quite a lot.

Maybe nabble is experiencing any difficulties related to its form security features?

Thanks,
Daniel.

Nabble did suffer a sustained attack by spammers a few weeks ago (You'll find many posts on the support forum about it if you search) but this seems to have been defeated by the latest measures taken by Nabble.

The spam you describe falls outside that the parameters of that previous attack and appears to be much more "normal" perhaps through the recent compromise of one of your legitimate users accounts.

You'll be aware that requiring registration to post is not a high-level security device. Any user can register and no checks are made on the registration by Nabble. It's only benefit is that it enables an individual user to be banned - but that doesn't help much when it is so easy to obtain another address to use and register again.

It may be that you need to make use of the "Member" group within your forum. Adding users to the Member group is a manual process so you have total control over those is it. Just change your permissions to prevent "Anyone" and "Registered" users from posting while allowing "Members" to post.