Project

General

Profile

Actions

Bug #11313

closed

Overly aggressive spam filters

Added by Gina Cherry over 5 years ago. Updated about 4 years ago.

Status:
Resolved
Priority name:
High
Assignee:
Category name:
Spam/Spam Prevention
Target version:
Start date:
2019-04-11
Due date:
% Done:

0%

Estimated time:
Deployment actions:

Description

In Bug #11160, I described two issues with blog comments: duplicate email notifications and all comments going to spam. The duplicate email notification issue has been resolved, but the overly aggressive spam filter has not. Can you please look into this? The problem with everything going to spam is that site administrators do not receive a notification when comments are made, so I need to keep monitoring the site for spammed comments that need unspamming.


Related issues

Related to CUNY Academic Commons - Bug #11160: Return of duplicate email notifactions for blog commentsResolvedRaymond Hoh2019-02-25

Actions
Related to CUNY Academic Commons - Support #11149: comments getting blockedResolvedRaymond Hoh2019-02-25

Actions
Related to CUNY Academic Commons - Support #11908: overeager spam filterResolvedRaymond Hoh2019-09-25

Actions
Related to CUNY Academic Commons - Support #12004: Notifications for spam blog commentsReporter FeedbackRaymond Hoh2019-10-22

Actions
Related to CUNY Academic Commons - Bug #12363: more bbPress problems - now students unable to post either a new thread or a comment ResolvedRaymond Hoh2020-02-03

Actions
Related to CUNY Academic Commons - Support #12395: comments again being blocked ResolvedRaymond Hoh2020-02-11

Actions
Actions #1

Updated by Raymond Hoh over 5 years ago

  • Related to Bug #11160: Return of duplicate email notifactions for blog comments added
Actions #2

Updated by Raymond Hoh over 5 years ago

  • Category name set to Spam/Spam Prevention
  • Assignee set to Raymond Hoh
  • Target version set to 1.14.11

I'm just going to copy some comments from #11160 that is related to this issue.

Gina said:

This has happened with the last several blog comments. Here is the most recent example: https://cetls.bmcc.cuny.edu/blog/2019/01/25/race-racism-teaching/

All of the blog comments from the last few months have been flagged as spam, which I need to release and then approve since comments on this blog are moderated. It would be great if we could also figure out why this is happening. Since I don’t receive email notifications about spam, it means I have to remember to check for comments every day.

Boone said:

Regarding email notifications about spam, the site appears to be configured to send an email to whenever a comment is sent to spam. https://bmcccetls.commons.gc.cuny.edu/wp-admin/options-discussion.php Are you checking the proper inbox? Perhaps those notifications are being sent to spam for some reason?

Gina said:

Thanks, Boone. I'm fairly sure that the spam comment notifications are not being sent to email spam. I have not seen these notifications in the email spam for either the CETLS account or my personal account. There have been blog comments in the past that were not sent to spam. In those cases, I received notifications at both the CETLS email and my personal email.


So what needs to be tested is:

1. If a comment is spam and the site admin is set to receive email notifications, ensure that the email is sent. It should be noted that it's the site admin listed under "Settings > General" that will get the notification and not all users with the administrator role.
2. Find out why a lot of blog comments are being marked as spam.

Point 1 would be easy to test. The second is harder because we use the Akismet plugin to automatically mark comments as spam.

Actions #3

Updated by Raymond Hoh over 5 years ago

Actions #4

Updated by Boone Gorges over 5 years ago

  • Target version changed from 1.14.11 to 1.15.1
Actions #5

Updated by Boone Gorges over 5 years ago

  • Target version changed from 1.15.1 to 1.15.2
Actions #6

Updated by Boone Gorges over 5 years ago

  • Target version changed from 1.15.2 to 1.15.3
Actions #7

Updated by Gina Cherry over 5 years ago

I'm wondering about the status of this since it's become relevant and critical to sites beyond the CETLS blog. On our open pedagogy blog (https://bmccopenpedagogy.commons.gc.cuny.edu/posts/), many of the comments have been going to spam. Some of the commenters were using gmail accounts; others were using their BMCC email accounts. It's not clear whether the commenters using their BMCC email accounts were logged into the Commons when they submitted their comments. Commenters expect to see their posts immediately and several of them submitted their posts multiple times when they did not.

The reason this has become critical is that our open pedagogy seminar starts next week and we were planning to guide many of these faculty to have students comment on blog posts as part of their open pedagogy assignments. When we worked with faculty on the Commons last time around, we found that having students register for the Commons was too big a lift for most of them, so we guided them to using the commenting feature rather than having students create their own blog posts. We will need to rethink this approach if the comments to spam issue continues.

Thanks!

Actions #8

Updated by Gina Cherry over 5 years ago

Also, note that after discovering this issue, I changed the settings on the open pedagogy blog to require users to be logged in to comment. I am hoping this will prevent additional comments from going to spam. If so, this will be a reasonable solution for this site, but not for the sites that we anticipate faculty will create for their classes.

Actions #9

Updated by Boone Gorges over 5 years ago

To some extent, the behavior of Akismet is a black box. It has spam prevention algorithms that we can't easily reverse-engineer.

For clarification, can you please be more specific what you mean by "going to spam"? Does this mean that, immediately on submission, the items are flagged by the system as Spam, and end up on this page https://bmccopenpedagogy.commons.gc.cuny.edu/wp-admin/edit-comments.php?comment_status=spam ? Or are they marked as pending, landing on this page https://bmccopenpedagogy.commons.gc.cuny.edu/wp-admin/edit-comments.php?comment_status=moderated?

Actions #10

Updated by Gina Cherry over 5 years ago

The first. They end up on https://bmccopenpedagogy.commons.gc.cuny.edu/wp-admin/edit-comments.php?comment_status=spam. Which means that the admins are not even notified (as they would be if the comments were marked pending). I did not catch this for a few days and had to unspam quite a few comments today. The ones still marked as spam are duplicates of ones I already published.

Actions #11

Updated by Gina Cherry over 5 years ago

Is it possible to turn off Akismet on a per site basis? My experience so far is that it catches little to no actual spam and falsely marks real comments as spam on a regular basis.

Actions #12

Updated by Boone Gorges over 5 years ago

  • Priority name changed from Normal to High

Ray, as part of researching this, could you please write a filter that allows us to disable network-active plugins for specific sites? I guess 'site_option_active_sitewide_plugins'?

Actions #13

Updated by Raymond Hoh over 5 years ago

  • Status changed from New to Staged for Production Release

Ray, as part of researching this, could you please write a filter that allows us to disable network-active plugins for specific sites? I guess 'site_option_active_sitewide_plugins'?

Done in https://github.com/cuny-academic-commons/cac/commit/672951753d5c294242e2d7bc47ce39bbcd398b34. Unfortunately, this has to be written as a mu-plugin and not as a plugin that can be activated in the admin area due to the load order nature of WordPress.

This will be enabled on the 11th during the next maintenance release.

So far, I have disabled Akismet on the 'bmccopenpedagogy' and 'bmcccetls' sites. Gina, are there any other sites that need to be added to the Akismet disabled list?

Actions #14

Updated by Gina Cherry over 5 years ago

Thanks, Ray. That will be helpful for those two sites, but unfortunately does not address the underlying issue. We're trying to figure out the best way for faculty to engage their students on the Commons without having to set up Commons accounts (which turned out to be very difficult when we tried it last year). We had been suggesting have students comment on blog posts, but that won't work well if student comments tend to go to spam. If I understand this solution correctly, faculty would need to contact you every time they set up a site and request that you disable Akismet for the site, which is not ideal. Do you have any other ideas about how faculty might engage students on the Commons that would not require student accounts?

Actions #15

Updated by Raymond Hoh over 5 years ago

If I understand this solution correctly, faculty would need to contact you every time they set up a site and request that you disable Akismet for the site, which is not ideal.

Yes, this is indeed not ideal.


I did a bit of local testing just now to see what happens whenever Akismet marks a comment as spam and an email notification is not sent to the site admin. There also doesn't appear to be an option in the Akismet admin settings for such a feature, which is weird.

Anyway, I just wrote a small plugin that enables email notifications whenever Akismet marks a comment as spam. (Code reference - https://github.com/cuny-academic-commons/cac/commit/c14648b8805c14a53819d033a6a692a9ae485121)

Once the maintenance release on the 11th is deployed, you can activate the "Akismet Spam Notifications" plugin on all your sites. The email address listed in the WP admin menu's "Settings > General" page will receive email notifications whenever Akismet marks a comment as spam.

Hopefully, this is another way to workaround the aggressiveness of Akismet. However, as noted by Boone in a previous thread, you should train Akismet by unspamming these comments. That's the only way Akismet can learn if their algorithms need to be tamed down.

You can also contact Akismet directly here:
https://akismet.com/contact/

And by selecting the "I think Akismet is catching my comments by mistake" option. Perhaps someone at Akismet can see what might be causing the false positives on the BMCC sites.

Actions #16

Updated by Raymond Hoh over 5 years ago

Do you have any other ideas about how faculty might engage students on the Commons that would not require student accounts?

Gina, another option you might want to consider is using the bbPress forum plugin. However, that might be too heavy for your use case. If you want to test this, you'll have to enable bbPress on your site's "Plugins" page.

Once activated, you'll want to look at the admin page located under "Settings > Forums" to enable anonymous posting and to disable Akismet integration. Enabling anonymous posting and disabling Akismet will probably increase the likelihood of legitimate spam though in your forum threads.

Actions #17

Updated by Boone Gorges over 5 years ago

  • Status changed from Staged for Production Release to Reporter Feedback
  • Target version changed from 1.15.3 to 1.15.4

Thanks for this, Ray. I'm going to move to the 1.15.4 release so that we can continue the conversation. The improvements listed above will be included in today's release, however.

Actions #18

Updated by Gina Cherry over 5 years ago

Thanks for that suggestion, Ray. Some of our faculty have used bbpress, but i wasn't aware that it could be configured for anonymous posting, so that's helpful.

The other approach I've considered is using Gravity Forms to allow students to submit blog posts. I already do this to allow faculty to post to the CETLS blog.

Actions #19

Updated by Raymond Hoh over 5 years ago

Gina, I contacted Akismet to see if they could pinpoint the problem with the aggressive spam filters on the BMCC sites and this is what they mentioned to me:

Hi Raymond,

Typically if a user's comments are being flagged as spam, we need them to contact us directly so we can do some tests with them. On the individual site level, we just recommend that the site admin use the tools inside WP Admin to mark the comments as "Not Spam". The later helps teach the system and may help in the long run.

If you could have those individuals contact us directly using the same email address that is used on their account, we can go from there.

Thanks!

So basically, keep training Akismet by marking invalid spam comments as "Not spam" and telling the blog commenter to contact Akismet directly at the https://akismet.com/contact/ form.

I'm not sure how feasible it is to tell each blog commenter that has their comment marked as spam to contact Akismet directly, but it might be a prudent thing in the long run.

Let me know what you think.

Actions #20

Updated by Gina Cherry over 5 years ago

Thanks, Ray. I don't think it's feasible to ask the individuals to contact Akismet, in part because I'm not sure I remember who they are and because they are all faculty who are not necessarily around for the summer. Most of them were using their BMCC email addresses and some were even logged in to the Commons and had editor privileges on the site on which they were commenting.

Training Akismet may be feasible for a public-facing site that gets lots of comments, but again, is not so feasible when the people leaving comments are students who are doing it for a class assignment. The option to receive an email notification when a comment goes to spam will be helpful, but I'm guessing there will still be a lot of confusion when students don't see their comments appear on the blog immediately. Unfortunately, it sounds like there is no better solution.

Actions #21

Updated by Raymond Hoh over 5 years ago

Maybe I could write a plugin that checks if a comment is marked as spam by Akismet and if there aren't any links in the comment's content, I can automatically approve the comment and mark the comment as not spam.

If a comment does not include a link, chances are it's generally considered to be a legitimate comment. What do you think, Gina?

Actions #22

Updated by Boone Gorges over 5 years ago

  • Target version changed from 1.15.4 to 1.15.5
Actions #23

Updated by Raymond Hoh over 5 years ago

  • Target version changed from 1.15.5 to 1.15.6
Actions #24

Updated by Boone Gorges over 5 years ago

  • Target version changed from 1.15.6 to 1.15.7
Actions #25

Updated by Boone Gorges over 5 years ago

  • Target version changed from 1.15.7 to 1.15.8
Actions #26

Updated by Boone Gorges about 5 years ago

  • Target version changed from 1.15.8 to 1.15.9
Actions #27

Updated by Boone Gorges about 5 years ago

  • Target version changed from 1.15.9 to 1.15.10
Actions #28

Updated by Boone Gorges about 5 years ago

  • Target version changed from 1.15.10 to 1.15.11
Actions #29

Updated by Boone Gorges about 5 years ago

Actions #30

Updated by Boone Gorges about 5 years ago

  • Target version changed from 1.15.11 to 1.15.12
Actions #31

Updated by Boone Gorges about 5 years ago

  • Target version changed from 1.15.12 to 1.15.13
Actions #32

Updated by Boone Gorges about 5 years ago

  • Related to Support #12004: Notifications for spam blog comments added
Actions #33

Updated by Boone Gorges about 5 years ago

  • Target version changed from 1.15.13 to 1.15.14
Actions #34

Updated by Boone Gorges almost 5 years ago

  • Target version changed from 1.15.14 to 1.16.1
Actions #35

Updated by Boone Gorges almost 5 years ago

  • Target version changed from 1.16.1 to 1.16.2
Actions #36

Updated by Boone Gorges almost 5 years ago

  • Target version changed from 1.16.2 to 1.16.3
Actions #37

Updated by Boone Gorges almost 5 years ago

  • Target version changed from 1.16.3 to 1.16.4
Actions #38

Updated by Boone Gorges almost 5 years ago

  • Target version changed from 1.16.4 to 1.16.5
Actions #39

Updated by Raymond Hoh almost 5 years ago

  • Related to Bug #12363: more bbPress problems - now students unable to post either a new thread or a comment added
Actions #40

Updated by Raymond Hoh almost 5 years ago

After another instance of Akismet's aggressive spam filtering was reported in #12363, we talked about what to do in last week's dev chat.

We're going to try disabling Akismet for logged-in users and seeing if we get any additional reports over the next few weeks.

(Commit - https://github.com/cuny-academic-commons/cac/commit/3262b9c1a8909e0a0bcce365e011d69d1d2c234d)

Gina, it would be great if you can chime in if you are still encountering problems when you have a chance.

Actions #41

Updated by Boone Gorges almost 5 years ago

  • Target version changed from 1.16.5 to 1.16.6
Actions #42

Updated by Raymond Hoh almost 5 years ago

Actions #43

Updated by Boone Gorges over 4 years ago

  • Target version changed from 1.16.6 to 1.16.7
Actions #44

Updated by Boone Gorges over 4 years ago

  • Target version changed from 1.16.7 to 1.16.8
Actions #45

Updated by Boone Gorges over 4 years ago

  • Target version changed from 1.16.8 to 1.16.9
Actions #46

Updated by Boone Gorges over 4 years ago

  • Target version changed from 1.16.9 to 1.16.10
Actions #47

Updated by Boone Gorges over 4 years ago

  • Target version changed from 1.16.10 to 1.16.11
Actions #48

Updated by Boone Gorges over 4 years ago

  • Target version changed from 1.16.11 to 1.16.12
Actions #49

Updated by Boone Gorges over 4 years ago

  • Target version changed from 1.16.12 to 1.16.13
Actions #50

Updated by Boone Gorges over 4 years ago

  • Target version changed from 1.16.13 to 1.16.14
Actions #51

Updated by Boone Gorges over 4 years ago

  • Target version changed from 1.16.14 to 1.16.15
Actions #52

Updated by Boone Gorges over 4 years ago

  • Target version changed from 1.16.15 to 1.17.0
Actions #53

Updated by Boone Gorges over 4 years ago

  • Target version changed from 1.17.0 to 1.17.1
Actions #54

Updated by Boone Gorges over 4 years ago

  • Target version changed from 1.17.1 to 1.17.2
Actions #55

Updated by Boone Gorges over 4 years ago

  • Target version changed from 1.17.2 to 1.17.3
Actions #56

Updated by Boone Gorges about 4 years ago

  • Target version changed from 1.17.3 to 1.17.4
Actions #57

Updated by Boone Gorges about 4 years ago

  • Target version changed from 1.17.4 to 1.17.5
Actions #58

Updated by Boone Gorges about 4 years ago

  • Target version changed from 1.17.5 to 1.17.6
Actions #59

Updated by Boone Gorges about 4 years ago

  • Target version changed from 1.17.6 to 1.17.7
Actions #60

Updated by Raymond Hoh about 4 years ago

  • Status changed from Reporter Feedback to Resolved

I'm going to close this one out as we haven't received any other reports about aggressive spam in the past couple of months.

If there are new cases, feel free to open a new issue.

Actions

Also available in: Atom PDF