The folks over at MyBlogBlog have made some updates that will make it more difficult for spammers to game the system. This action is in response to an exploit taken advantage of over the weekend where a spammers sent multiple requests to join their communities as co-authors and then automatically approve the requests. Danny Sullivan and Shoemoney were just a couple of many impacted by this.
Eric, one of the founders of MyBlogLog, explains it like this:
Saturday evening, a member discovered an exploit where you could send someone a request to join their community as a co-author and then automatically approve the request. In other words, someone (dare I call them a jackass) could force you to be a co-author of their community. I have no idea why they would do this, other than a negligible bump in marketing, but who ever said jackasses made sense?
Eric sounds a bit upset and rightly so. What steps do they plan to take to ensure this does not happen again?
- They are going to post an official Terms of Service (ToS) and hold people accountable.
- By default, you now see only message from your own contacts. You’ll be able to click a radio button to see messages from everyone else. Further, you’ll only receive an email alert when a contact leaves you a message. Lastly, public views of your profile will reflect your message view setting, so other people viewing your profile won’t see random requests to visit their community or site.
- They will include the text of the comment and associated controls (delete,reply, etc) in the alert email.
- They will limit users to only five requests for co-authors a day. If you want to request more co-authors, come back tomorrow.
- They will limit users to join 15 communities and add 15 contacts during any day.
- After the first five are complete, they will set up a comment approval system where community members can automatically post messages and everyone else’s comments gets queued for approved (a la Typepad comments).
Eric admits that these fixes aren’t perfect but it is the best they can do for now. At least they are willing to take appropriate steps to ensure MyBlogLog stays a credible place and not another service that spammers can exploit and game.