Usually you can tell by the email address that someone is a bot or spammer.

When I get a notification of a new user, I check the list of inactive users and delete them. Then I go to Preferences Main »» User Info Settings and add their email address (the *com) part to the list (Enter emails that should not be used in user profile)

How about automating that a bit. Add a button to the inactive users profile, where the activate button is, or add an option to the drop down menu in the list of inactive users, to automatically put them in the list (Enter emails that should not be used in user profile).

You could even provide a link to put them in the list in the email notification that we receive as webmasters

When someone registers then doesn't come back it could either mean it was spam, or the user no longer had an interest in the content at that time. Just because he does not have an interest at that time, doesn't mean they will not come back later (i.e Thanksgiving or the holidays on your site). You probably have food aficionados and seasonal recipe genres on your site (if that was the one you were referring to).

I have found on my site that even registrants that never connect are not always spam. Heres how

I ran into situations where if was found that some activation emails did not get through because the mailer did not have a SPF (sender policy framework) configured. Not all users email services use this so some get through. Auditing email send failure records usually correlated to a "never connect" user.

Rather than delete them as spam, their activation links were resent with an apology from SPF capable mail service and some thanked me and followed up with a visit. If I just deleted them, they would have been lost due to my own misunderstanding of their actual status.

Some never connects also correlated to email send failures due to a no such email address, indicating the user failed to register because he attempted to enter fraudulent email address. These were deleted.

Those never connects who have no corresponding email failure record were probably spam, but Stop Forum Spam feature in protector should prevent alot of these, if used.

Once you are sure that one should be deleted, the button you mention would be nice.

I didn't say all users are spammers but some explicit email addresses are usually a pretty good indicator.

If I'm not sure of an address, I check out the website it comes from

If there is no website, or it's obviously a spammer website, then i delete them.

[EDIT by Mamba] email address removed

Quote:
It is very bad attitude.

You should not delete bad users. IMO a good webmaster/moderator should not delete anything from database e.g.: deactivate users, offline a download, move a picture to a close folder,... instead of deleting them.

You just need to do these for bad users(spams):
1- change the pass
2- clear all profile unneeded fields like signature,info,YIM,...
3- assign the bad user to a non-permission group

only the (3) is required and (1) and (2) are optional.

the above could be automatic by a cron job if we have a fully functional profile system.

that is possibly the dumbest thing i've ever heard.

If you never activate the user, there is never anything in the database

Why keeps thousands of spam users in your website database when you can delete them without ever activating them and then block their email, which is exactly the reason you CAN block an email

In some countries, such as France, we have an obligation to keep details of users for one year, for example.

if you never activate their account, they're not users

The subject listed was "A suggestion for spamming users". This is very broad in scope.

While the argument presented

Quote:

indicates you are referring to those who manually activate their users (a small percent of most XOOSers,

the subject listing invites a broader range of discussion for the majority of users who use the much more common email activation process.

The rest is for the latter class of users.

Quote:

Quote:

Just prior the recent BRICS conference in South Africa which included Vladimir Putin, a couple of guys created accounts, and the first thing they sought to find out was how to delete their accounts. One of them came from South Africa. To a webmaster this should raise the same flags, as the 911 perps who wanted to take flying lessons without learning how to land the aircraft.

The implied modus operandi here was that there was a perceived need to delete evidence of what went on in the course of account usage connected with this important event, of which one of the users appeared to be a prominent international activist/privateer known to dabble in other parts of Africa.

Although the site is the antithesis of the deplorable Facebook privacy model, there are legitimate possibilities for criminal use of such sites that may present legitimate need for warranted investigation on a case by case basis (as opposed to indiscriminate data mining access). I this context, what irtmfan and Cesag quote is valid, and this not just limited to spammers. It disables the perps, while preserving the data in case the need to unravel criminal activity presents itself.

Speaking of spammy users

Maybe we should ban Philiadephia Lawyers

Objection your honor, the statement is argumentative.

Chefry, we are all free to do what we want with our own sites. There are ideas, and there are industry best practices that at least two, possibly three in this forum have posted, are in agreement on.

This is just a public discussion on a topic you started, with public responses. If you do not want public input, create a forum topic on your site and just reply to both sides of it. I guarantee you will get the results you want every time.