It's really easy to spam the discourse chat - Implement tighter spam resistance

Hi,

I’ve recently been using the chat feature and it’s super easy to spam somebody on default chat settings. Here is an example on my spare instance.

This left me with an inbox full of messages and it’s annoying to deal with:

image

I’m also sure if you really wanted to strike somebody hard you could do it, especially if you had 2 accounts spamming, I believe by default there should be some type of spam resistant, especially since most chat systems have some type of resistance to prevent spam.

Thanks for any responses,

@jimmynewtron

3 Likes

A similar solution would be to make it so that the chat can only be accessed at a certain trust level. (TL1 or TL2 would work, but it would require the users to participate more in order to access the chat.)

3 Likes

Thank you for proposing that. Is there a way we could implement a rate limit or cooldown feature which could likely be effective in reducing spam?

1 Like

There are a couple existing site settings for rate limits at /admin/site_settings/category/chat

Screenshot 2023-01-07 at 8.48.16 PM

Users who are flagged will also be silenced for a period of time:

Screenshot 2023-01-07 at 8.49.21 PM

And you can also limit which groups have access to chat (or to direct messages):

Screenshot 2023-01-07 at 8.51.28 PM

Finally, there’s this setting, which could be raised to 1.0 prevent the particular issue you shared:

Screenshot 2023-01-07 at 8.52.21 PM

(from a quick test, it works at 1.0, but I think there may be an issue where it has no effect if it is set to any value less than 1.0)

7 Likes

just for clarity, I think it’s worth explicitly specifying that the user will be silenced not just in chat but in the whole forum (which is somewhat counterintuitive for me, and I raised this issue before)

2 Likes

I was wondering if there is a way to reduce the number of notifications that the recipient will receive after the spammer has been silenced.

image

On default settings you can still send quite a lot of spam until your silenced. Is this something that can be adjusted on the default settings, or is there another way to address this issue?

1 Like

I’m guessing your best tools here are going to be:

  1. disallowing chat for trust level 0 (make it require trust level 1)
  2. reduce rate limits for “other trust levels”
  3. suspend users who violate any policy/norms

If you run into any issues in the wild that you aren’t able to address with the existing site settings, by all means please report them here with the details of what happened so we can think about it more together.

3 Likes

Those options all make sense, but is there an option to slow posting for chat users similar to how it can be done currently within topics?