We've started receiving complaints that spammers are using scripts to flood our users with private messages advertising Nigerian email scams and whatnot. Is there any way we can put in some sort of machine phishing moderation with Privatemsg? I can't know every time a user is being private messaged, and I certainly can't read every message that is being sent to check for phishing schemes. I also think I'm being specifically not targeted by them, as an administrator, which would expedite the process of blocking and banning problem users/IPs.

Along with this, is there any way for me to delete all the messages sent by a user, if I find that they're spam? I could do it through MySQL I guess.

Craig

Comments

detectedstealth’s picture

I am having the same problem but with version: 6.x-2.x-dev. Have there been any ideas to stop this problem?

pjb’s picture

Perhaps there's a way to tie the akismet module into this one? That might provide defense against some forms of spam and help weed it out as more people submit these sorts of things to the akismet servers.

apotek’s picture

I think the akismet linkup is a good thing. I used the akismet plugin on a WordPress site I built for a news agency last year, and it's been flawless. We definitely don't want to build an alternate case-history of spamming.

I think the following pattern would work:
1) User sends privatemsg.
2) *before* privatemsg is inserted into the database, the message is checked against the akismet database
3) If there is a problem, the message is stored in a spam folder, and the admin is alerted that user foo might have tried to send spam.
4) admin logs in, sees alert message, can look at the purported spam and then decide to just silently ignore, allow user to send, or ban user.

That would cover spamming activity from both bots and real people.

Another, very simple thing to do would be to use the same mechanism that the comment module uses to keep posts from being sent rapid-fire. So there would be a privatemsg setting (send_delay) that would force a user to wait n seconds before being able to send another message.
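
The flow proposed in the comment above (check before insert, spam folder plus admin alert, and a send_delay throttle), as an added example that is not part of the thread and not Privatemsg or Drupal code. It is plain PHP; `pm_submit`, `pm_review`, the `$state` array and the toy classifier are hypothetical stand-ins for module storage and the external spam check.

```php
<?php
// Added illustration, not Privatemsg or Drupal code; every name here is hypothetical.
const SEND_DELAY = 30; // seconds between sends, the proposed send_delay setting

// Runs before a message is stored. $isSpam stands in for the external check
// (an Akismet lookup in the thread's proposal). Returns the outcome as a string.
function pm_submit(array &$state, callable $isSpam, array $msg, int $now): string {
    $uid = $msg['from'];
    if (!empty($state['banned'][$uid])) {
        return 'banned'; // sender was banned by an earlier admin review
    }
    $last = $state['last_send'][$uid] ?? null;
    if ($last !== null && $now - $last < SEND_DELAY) {
        return 'throttled'; // too soon after the previous send; nothing is stored
    }
    $state['last_send'][$uid] = $now;
    if ($isSpam($msg)) {
        $state['quarantine'][] = $msg; // the "spam folder": held, not delivered
        $state['alerts'][] = sprintf('user %d might have tried to send spam', $uid);
        return 'quarantined';
    }
    $state['inbox'][$msg['to']][] = $msg;
    return 'delivered';
}

// Admin decision on one quarantined message: 'ignore', 'allow' or 'ban'.
function pm_review(array &$state, int $index, string $decision): void {
    $msg = $state['quarantine'][$index];
    unset($state['quarantine'][$index]); // 'ignore' ends here: silently dropped
    if ($decision === 'allow') {
        $state['inbox'][$msg['to']][] = $msg;
    } elseif ($decision === 'ban') {
        $state['banned'][$msg['from']] = true;
    }
}

// Constructed sample run with a toy classifier in place of the real service.
$state = ['last_send' => [], 'quarantine' => [], 'alerts' => [], 'inbox' => [], 'banned' => []];
$check = function (array $m): bool { return stripos($m['body'], 'wire transfer') !== false; };
$t = 1000;
echo pm_submit($state, $check, ['from' => 7, 'to' => 2, 'body' => 'Lunch tomorrow?'], $t), "\n";
echo pm_submit($state, $check, ['from' => 7, 'to' => 3, 'body' => 'Lunch tomorrow?'], $t + 5), "\n";
echo pm_submit($state, $check, ['from' => 9, 'to' => 2, 'body' => 'Urgent wire transfer needed'], $t), "\n";
pm_review($state, 0, 'ban');
echo pm_submit($state, $check, ['from' => 9, 'to' => 4, 'body' => 'hello'], $t + 60), "\n";
```

The throttle runs before the classifier, so a flooding script is stopped without spending a lookup on every message.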

pjb’s picture

@klktrk

I didn't realize the code didn't already do limiting à la the Drupal Comments code. That is a good idea as well! I just noticed that this bug was tagged on the 4.7 tree; is it safe to assume that this issue will exist in the 5.x tree as well? I will try to work a patch this weekend to limit the send rate and integrate akismet, but I only have a 5.2 system at my disposal.

skizzo’s picture

Version: 4.7.x-1.x-dev » 5.x-2.x-dev

Is this a problem also for 5.x? Would inserting Captcha points help? I am using Captcha 5.x-3.0-rc1 in conjunction with Riddler (instead of math question). The following forms are handled by default in Captcha: comment_form, contact_mail_page, contact_mail_user, user_pass, user_register. Would it be possible to handle Privatemsgs in the same way? I tried to capture privatemsg form info (using module form_store) but then I don't know how to use the collected data for adding a Captcha point.

salvis’s picture

Version: 5.x-2.x-dev » 4.7.x-1.x-dev

@skizzo: This issue is about 4.7.x-1.x-dev.

If you want to contribute to 5.x-2.x, then open a new issue.

beginner’s picture

Version: 4.7.x-1.x-dev »

@salvis: actually, new features always get added to HEAD, never to a lower version. This is per the Drupal developer's community guidelines. It's pointless to have the same issue filed several times, against each version.
Also, this issue would be more visible with version HEAD.

jaydub’s picture

Version: » 5.x-2.x-dev

One way to help out with this issue is to use the CAPTCHA module.

With the current version of the CAPTCHA module you can assign a CAPTCHA to any form in Drupal. So you could attach the CAPTCHA to the privatemsg compose message form as a partial solution.

No, it won't help with tagging message contents as spam, but it will act as one more barrier to any automated methods of sending private messages by spammers.

berdir’s picture

Status: Active » Closed (won't fix)

Sorry for pinging the participants, I am closing old issues.

This version of Privatemsg is not supported anymore. Maybe it is already implemented in Privatemsg for Drupal 6, and if not, you are welcome to open a new issue for it.

(Hint: There is a patch for Drupal 6 which allows Mollom integration)