One per day. Pattern on forums with 2000 or so users (500 per year new):
- new user signs up with email domain from category “temporary domain” such as “cetnob.com”.
- within a number of hours either creates a new topic or replies to an existing topic
- creates text in English sections only (bilingual site, with over 90% NOT in English)
- sometimes includes a URL in the text, sometimes not
- text seems like an actual question or remark, using words uniquely used on the forums and relevant material
- but text feels somewhat off-topic, but very good still: an inexperienced support engineer could not detect it
It highly resembles in pattern the pattern described in:
We are blocking already hotmail, gmail and other large consumer oriented domains using an explicit list, but there are at least 10.000 domains known to us that are used for this type of approach. In our own software we have an explicit list plus a real-time check on UserCheck (we use the free variant and only check on sign up on our own apps and cache, so 5000 lookups per month is sufficient).
From what I have seen, this specific behaviour can be tackled by automatically blocking temporary / spam email domains.
Blocking TL0 from using links is not really considered more viable than moderating all new requests, since many users post directly after first sign up, the site being a support portal.
There is a plug-in for this, but it seems no longer maintained (see Plugin to detect & reject disposable emails on signup).
I am not sure whether this approach will solve all issues for instance for larger forums or forums that accept consumer email addresses.