The jive-x team is extremely excited to announce the release of the much awaited Spam Prevention Service (SPS) for both cloud (2015.3) and hosted customers (8.0.2 version), further strengthening the existing spam prevention capabilities within the product.

 

The service and its value

As we are all well aware, jive external communities are easily susceptible to spam which prevails all over the internet. In the context of communities Spam is the unsolicited content that gets posted into the community space either in the form of blogs, comments, links, videos, pictures,etc..We have seen everyday millions of spam gets created across the internet either through bots or manually. By having spam within the community, community users get frustrated getting routed to illegitimate websites and content thereby decreasing the engagement and brand value, and more importantly Google search doesn't like spam and the community site might be penalized with lower search ranking making it harder for the site to be found.

While there is no perfect answer to eliminating spam, as the provider of the community offering Jive needs to take charge and do our best to mitigate spam issues on our customers communities.

Over the course of the last few years Jive platform has been evolved with a series of spam prevention methods built into the product. These include:

    1. Link moderation: Moderate content that contains external URLs that are not whitelisted
    2. Keyword interceptor: Block or moderate content that contains keywords or phrases common to the spammers
    3. New user moderation: Moderate new user accounts and have a human review new accounts
      1. NOTE: Will not work if using SAML
    4. Link moderation (points threshold): Configure link moderation so that all content by users who do not have a certain amount of status points is automatically moderated
    5. Message governor interceptor: Limit the frequency of posts
    6. Abuse reporting: Allow community members to flag spam posts for review
    7. Banning user accounts or IPs: Prevent certain user accounts from logging in or users from IP addresses from accessing Jive

   While these features have been effective against automated attacks we have started to see new patterns from spammers which are more manually coordinated attacks creating new set of challenges for our customer communities.

 

Our approach going forward: Jive has recognized that not only do we need to protect our customer base from the recurring spam attacks by providing the right anti-spam toolsets, we have to take measures to be more proactive and combat spam at its early signs of occurrence. The only way we can achieve this is with the Spam Prevention Service approach. The micro service is an independent service that is hosted in the cloud. It sits between the Jive platform core and the internet and can also proxy out to any 3rd party anti-spam service.
By building a micro service layer that is independent of the core platform we can:

  • Add all the existing anti-spam logic and enhance the logic as we see new patterns and iterate quickly
  • Proxy out to 3rd party anti-spam services that are best in class for spam prevention which now gives Jive the power of not just the in-service capabilities but also more robust checks with 3rd party offering

sps.jpg

Offering

 

    1. BASIC: By default all customers can turn on the basic spam filtering that the core product provides.

    2. SPAM PREVENTION SERVICE: Customers can choose to turn on the spam micro-service which is off by default and available starting 2015.3 and 8.0.2. Customers would need to work with support to turn on the service. There is no additional cost to the customer for turning on the Spam Prevention Service

    3. SPAM PREVENTION SERVICE + 3rd party Integration:  Customers who want to use the additional capability of the 3rd party integration (mollom service) will need to opt-in for the the 3rd party service and the pricing schedule. There is a minimal monthly fee for customers who chose to opt-into the 3rd party offering.

  

What solutions do each of the Offerings provide

1. The basic spam service solution which already exists in the product today help prevent spam by allowing:

    1. Link moderation: Moderate content that contains external URLs that are not whitelisted
    2. Keyword interceptor: Block or moderate content that contains keywords or phrases common to the spammers
    3. New user moderation: Moderate new user accounts and have a human review new accounts
      1. NOTE: Will not work if using SAML
    4. Link moderation (points threshold): Configure link moderation so that all content by users who do not have a certain amount of status points is automatically moderated
    5. Message governor interceptor: Limit the frequency of posts
    6. Abuse reporting: Allow community members to flag spam posts for review
    7. Banning user accounts or IPs: Prevent certain user accounts from logging in or users from IP addresses from accessing Jive

2. The Spam Prevention Service has more additional in-built functionality that adds to the set above. Specifically, the Spam Prevention service has the ability to:

               1. Moderate all non-english posts if the community is set to English.

               2. Moderate all posts by user accounts < 24 hours old.

               3. Moderate all posts that are repetitive.

3. The 3rd party service (in this case Mollom) uses sophisticated machine learning techniques to block spam and malicious content automatically. Mollom uses a reputation-based system that keeps a continually evolving archive of user profiles to immediately discern an individual’s propensity to submit spam. This applies to everything from user registration forms to blog entries. For more details: How Mollom works | Mollom

 

Workflow

              

     Assume in the above diagram, user A is trying to post a piece of content into the community.

     Before the content gets published,

    • If the customer community is using jive's core moderation rules (Jive 7.0 Community Admin Documentation), Jive will apply those moderation rules first.
    • Assuming the integration is enabled, the content will then be sent to the Spam prevention service. The service scans the content and responds to Jive with a verdict of spam or not spam. If content is judged to be spam, Jive places it into moderation.
    • If a customer has opted-in to use the 3rd party service (Mollom), Jive's spam prevention service will also query the third party service and take it's response into account when producing a verdict.

 

SpamPreventionConfig.png

 

We highly recommend all our jive-x cloud and hosted (8.0.2) customers to turn on the spam prevention service and opt-in to the mollom service. Please contact support or your account manager to get these setup.

 

We would love to get any feedback on how its working and where we can improve further.

Coming soon are more detailed config and setup docs and some best practices.