Looks to be machine generated. No tags. Is that the entire post?

Have you asked this " long-time user?"

Is this person known to have cats by any chance?

@keyplyr, yep, those are the entire posts. I can't figure it out, either... at first I thought he was just hitting random gibberish on his keyboard, but then today I noticed the ‰ and  symbols. So they're definitely being generated through something.

I sent him a PM yesterday and asked if the error was on my end, but he ignored and made 3 more posts like that today. So he's definitely doing it intentionally, I just don't really know why.

@noteasy... I don't know about cats, but he's super Republican, trolls and attacks people that aren't Republican, and blames me when he has trolling posts removed! lol

i like the "cat on the keyboard" theory - none of those characters require a shift key.

So he's definitely doing it intentionally, I just don't really know why.

Does it matter? He's abusing your board. Block the account and don't let your time be wasted by these trolls.

none of those characters require a shift key

Shift or Caps Lock.

[tin'ptyob,c[prcewotm0bv0[ibjmcoqjwe9uy980r0925376-0vm0918cxm-0`808n-0u J0NI7B097Y98u0U087B)(&yv*V8V*&^(C&^%C(&^p90um[0e9ritm=v-0,]

Cats are perfectly capable of sitting on the shift key while batting away at the rest of the keyboard. Or stepping on Caps Lock to generate strings like J0NI7B097Y98. Adjacent characters like %^& or [p are also plausible. But the last part doesn't look feline; it's too mixed. There should be a lot more adjacent-key clusters. (Yes, I'm sitting here skimming my fingers across the keyboard to see what the patterns are.)

and blames me when he has trolling posts removed!

It's your forum. Who else would take the responsibility? In any case wouldn't it be less trouble just to delete each post as you see it? I'm inclined to doubt that he is using your forum to pass along coded messages to a co-conspirator on the other side of the globe.

Block the account and don't let your time be wasted by these trolls.

Unfortunately, that's easier said than done these days! With the advent of browser plug-ins specifically designed to hide you, it's become next to impossible to successfully block people that don't want to be blocked :-( Worse, any public discussion of blocking techniques would quickly be found on Google, making it easy for someone to figure out a new way to get around them.

If anyone would like to discuss blocking techniques by PM, I would gladly share what I've done in exchange for new ideas!

Just block his IP.

Unfortunately, that stopped working several years ago. Most of my users' IP addresses change regularly, even several times a day... especially those using a mobile device. Even when I did do that, people quickly learned to just restart their modem and they got a new IP.

And since I focus on a local demographic, I also have the problem that many people have the SAME IP... there's a corporate office here with 3,000 people (most of whom use my site), and they all share a single IP.

Can't block by user agent, as that changes constantly, too. Can't block based on a combination of IP and user agent, I've tried it and had way too many false hits.

I used to block using a simple cookie, but browser plug-ins squashed that real fast.

It's your forum. Who else would take the responsibility?

Oops, sorry, Lucy, I didn't mean to ignore you! I was typing up my earlier reply when you posted, and I just now saw it.

This has been a heated argument on my forum for quite some time, and he says the same thing. My response is generally, it's HIS fault that he had posts removed, when he intentionally and repeatedly violates the TOS.

As for the cat theory, though, or a glitch on my end, I dismissed that tonight when he tried to make a post with 3 paragraphs that was flagged for review, and then 4 minutes later made a gibberish post that also appeared to be 3 paragraphs.

That's when I thought he must just be mad-man typing, but that wouldn't explain the ‰ and  symbols. I have no idea how you would make those on a regular keyboard, which is why I'm thinking a machine-generated encoding. It's not unprecedented for someone to make a vulgar post in Russian or Arabic on my site in an attempt to get around the filters, so this might be the new "cool thing".

I assume users have accounts and need to log in to post. Can't you suspend his account?

The brackets seem to be common in those messages (as well as in some types of comment spam). Perhaps flag those in new posts.

To stop this kind of thing (sometimes caused by a user inadvertently posting BIN64 or MIME code) I filter by word length. Anything longer than 12 characters pops up for review.

Anything longer than 12 characters pops up for review.

Another flag you could try- any numbers appearing between letters in the same "word." Other than usernames, the occasional product name, and fat-fingered typos, offhand I can't think of any other legit reasons why it would happen. Although I'm sure someone will come up with something I hadn't thought of yet. If the filter gives too many false positives, you can always refine it (or turn it off).

Confession: When I first saw the topic title I assumed it would be yet another incarnation of UTF-8 getting reinterpreted as some one-byte encoding. Obviously not the case here! It also isn't base64. (I only know because I scurried to the nearest online decoder and it came up gibberish. If I knew base64 I would not have needed this step, because I would have recognized which characters do and don't legitimately occur.)

Much depends on how intelligent your offending poster is. ("It is impossible to make anything foolproof, because fools are so damned ingenious.") Even the most transparently obvious barrier will work on an awful lot of humans--remember, this is a world in which 9 out of 10 people know no way to reach a website other than by typing its name into a search engine. Have you even tried banning him?

I don't know about cats, but he's super Republican, trolls and attacks people that aren't Republican, and blames me when he has trolling posts removed! lol

We generally don't do politics at WW (I've been reminded of that from time to time), but is it possible that a liberal site will view any conservative commentary as trolling? That said, if the posts violate TOS, regardless of politics, then delete the messages. If asked don't argue, just reply with the specific rule from your TOS and be done with it. Most "trolls" will eventually give up if they butt heads with rules and not commentary. The quickest way to end and argument is not not engage in the first place.

Your sandbox. Your rules. Apply them FAIRLY and all 3,000 will be happy. Even the troll(s).

Meanwhile, PM the person, given them a warning, then regardless of how many times you have to nuke, ban that person WITH NO COMMENTS, just keep after it.

If, at some future time, the harassment becomes untenable OR threatening, provide all your info (keep a file, all IPS and everything else) to your local police and elevate it to as high as possible, particularly if there are threats involved. Meanwhile, apply your TOS (you do have one, right?) and don't engage.

csdude55, first signs of trouble or attitude, I send a warning, the second time, the user is banned. No need to waste time with idiots trying to bring everyone down to their level. Have you looked for some kind of digital fingerprinting [panopticlick.eff.org] plugin?

About the sample messages. Are they the raw input, or, was it after some kind of sanitizing filter? It's possible that your forum software is cleaning strings, removing particular set of characters to prevent all kind of attacks and injections. If so, may be the raw input was really "something", but after the sanitizing it doesn't look like anything anymore.

When I have a registered member, which starts troubles (of all kind), what I do is that I change his status, so that his messages don't go live automatically, and instead wait for being approved by me.

Sorry for the long reply! I didn't want to leave anybody hanging, though.

I assume users have accounts and need to log in to post. Can't you suspend his account?

The brackets seem to be common in those messages (as well as in some types of comment spam). Perhaps flag those in new posts.

He does have a registered account, but it's so easy to get a new email these days that blocking an account just makes them change usernames. Which makes it harder on me, really, because I have to figure out their new account, then move all of the filters I have in place on their account to the new one.

Blocking the brackets just on his username isn't a bad idea, though... he does occasionally make a legit post with a bracket, and so far most of the gibberish posts have had a bracket (not all, though... I think whatever encoding he does converts a < to a [), so it's a good catch.

To stop this kind of thing (sometimes caused by a user inadvertently posting BIN64 or MIME code) I filter by word length. Anything longer than 12 characters pops up for review.

How do you differentiate URLs and jokey hashtags (which I don't support, but people post, anyway)? I would have to modify mine to 30 (I have a few usernames that are pretty length), but it would still work if I can set it to ignore tags and anything following a hashtag.

Another flag you could try- any numbers appearing between letters in the same "word."

I like this, too, but how to NOT catch quoted usernames would be tricky... I have a lot of usernames like "2Good2BTrue", so unless I manually write an exception for each one? I'll have to think about that one.

Much depends on how intelligent your offending poster is. ("It is impossible to make anything foolproof, because fools are so damned ingenious.") Even the most transparently obvious barrier will work on an awful lot of humans--remember, this is a world in which 9 out of 10 people know no way to reach a website other than by typing its name into a search engine. Have you even tried banning him?

My issue might be more unique than I thought.

Keep in mind that my site is 15 years old, and focuses on a local region so a lot of people know one another in person. Several years ago, I had a particularly nasty troll that I banned, and he was the first one that made the effort to get around anything I could think of. Before him I just set a cookie.

I'm guessing that he told a lot of his friends what to do, because now I have 12 people that I would happily block, but can't.

In most of the cases, I've sent them messages and tried to talk them down; explaining that while they think it's funny, they're physically hurting my business. They'll usually stop (for awhile, at least), but a few of them (like this guy) have decided to hate me, personally, and really don't care. They think it would be awesome for me to go out of business.

We generally don't do politics at WW (I've been reminded of that from time to time), but is it possible that a liberal site will view any conservative commentary as trolling?

Interestingly, that's exactly what they say on my forum! They accuse me of "liberal bias" any time I remove something from one of the conservative group. What's funny, though, is that the extreme liberals accuse me of "conservative bias" any time I remove something from the liberal group! lol

But here's an example of a post I removed just a few minutes ago: Posting a foolish statement lacking in correct punctuation makes you look stupid, you know?

I don't know... people used to be a whole lot nicer and more accepting of the rules, but lately people have just gotten nasty, on both ends of the spectrum. It's making my job a whole lot less fun than it used to be, I can tell you that.

Have you looked for some kind of digital fingerprinting [panopticlick.eff.org] plugin?

Nope, but I'm looking in to it now! Thanks for the tip :)

About the sample messages. Are they the raw input, or, was it after some kind of sanitizing filter? It's possible that your forum software is cleaning strings, removing particular set of characters to prevent all kind of attacks and injections. If so, may be the raw input was really "something", but after the sanitizing it doesn't look like anything anymore.

When I have a registered member, which starts troubles (of all kind), what I do is that I change his status, so that his messages don't go live automatically, and instead wait for being approved by me.

This DID come after a sanitizing filter that I built, but the same filter has been running for 6 years or so and I haven't seen anything like that. It would have removed a lot of repeating characters (so, a repeating "b" would be stripped down to 4), but there's no way it would have created those weird characters.

I PMed him several days ago to ask that same question, though. He never replied, but kept making posts like that, so I'm positive now that it's on purpose.

What I've been doing is a little more complicated. When a moderator removes a post, they mark a reason (trolling, vulgar, libel, etc). Then I developed a system many years ago that scans his removed posts and looks for pattern words or phrases, then adds those patterns to a database. The more posts that I remove for violations, the more patterns are found.

Then when he makes a post, I query the database and look to see if his post matches any of those patterns.

So, like in the post above, a filter was generated that now looks for a post made by him that matches #foolish.*punctuation.*stupid#i. If it matches, it will be flagged for review instead of posting immediately.

The downside to this system is that when someone tries to get around a filter, they might end up generating a LOT of filters that essentially block anything they can post... which inevitably leads to them creating a new account and starting a new thread about how terrible of a person I am. But it does work to police the wide majority of the problem children I've had to deal with.

I feel your pain. I can also sympathize with the growing number of sites that shut down their UGC, particularly comment sections. At some point the effort exceeds utility and ability.

Or you can go completely pre-moderated and nothing gets posted unless you or an assigned admin approves. (But that's a different story and can lead to legal problems down the road).

That's similar to the suggestion I was given by an attorney that specializes in internet law... don't moderate at all. By moderating, I take a level of responsibility for each comment made.

But if I did that then those 12 trolls could destroy the message board for the 60,000 other good users. So... I guess it's the price to play :-/

Trolls are a problem across the Internet and from what I've observed it happens because the admins are willing to tolerate their members "free speech" in exchange for growing the community. But it's a deal with the devil. Once those people are accustomed to a certain kind of community it's hard to change the tone of certain members because they feel entitled.

But this is deeper than entitlement. Community members feel a sense of ownership of the community. So in a sense this is a battle over ownership of your community. I know of several communities that had their genesis in a revolt against the admins of a previous community.

but it's so easy to get a new email these days

Not from any of the major email providers. For Yahoo, AOL and Hotmail you need a phone number. Gmail is problematic. I block disposable emails as they come in.

I feel for you. Seems like the forum is important to him. Is it at all possible that if you took the hard line and turned off his accounts every time he broke the rules that eventually he would begin to moderate his tone? He's engaging in a battle of wills with you and is it possible that you're letting him win?

He's engaging in a battle of wills with you and is it possible that you're letting him win?

Probably. Everything you said is on the nose... I feel like you've been there! lol

This problem really gets a lot deeper than I'd like to admit. I started out pretty loose, and everything was fine and dandy with the occasional troublemaker. Then Facebook came along with their easy-to-create groups, and suddenly I had 20 groups competing with me. For reasons that I can't even understand, the owners don't make a nickel for their efforts.

So a lot of the "good" posters have faded away, leaving me with the people that don't want their real name attached to their comments. It's hard to justify blocking a top poster when 5, maybe 10% of their posts are removed for trolling.

There's also a long-term degradation that got this point. The poster I'm talking about in this thread has been posting for 5 years, and in the beginning he was OK. But over time, his replies to people got more and more angry, and their replies to him got more and more angry. So there was never an exact line that he crossed, he just sort of flowed into a negative zone.

I really don't want him gone, I just want him to be the poster that he used to be. And I've told him this, several times. But in his mind, people are mean to him so he's mean back, and I'm calling him out unfairly... and since I can't really track it back to the beginning, I can't swear on my life that he's wrong.

And it doesn't help that a few other people have followed that same pattern, and now they're cliqued together and decided that I must be the bad guy in all of it. They've even tried to convince people that I'm one of the people arguing with them (which I'm not), that I'm related to people arguing with them (I'm not), etc. It's become somewhat divisive, but I can't point to a spot and say THAT's where it started and who started it.

Just an idea, as a stop gap measure.

Instead of banning the user why don't you make him jumps through hoops to post. Every time, he posts something that goes to moderation, feed him a pop-up, a captcha and an email notification notifying him that his post is in moderation and then another to notify him that it has been edited.

Since this is not common practice (kind of ridiculous really) he probably wont realize that you are trying block him. He will be annoyed, maybe very annoyed and then will stop posting or post less. There is nothing preventing him from opening a new account, but if your lucky he wont think of it, assuming that this applies to all accounts.

Otherwise, what Martinibuster is saying is true, it is not that easy to get email addresses these days. It may take a few blocked accounts, but a some points he will run out of options.

I feel for you, I truly do. You're in a tough spot.

One option is to create a policy that all members must abide by, which includes a statement banning rudeness. But this means that ALL instances of rudeness must be diligently removed. There must also be a way for members to report rudeness. Additionally, all members must be encouraged to refrain from rudeness and to trust in the moderators to whack any rudeness shown to them.

The risk is that some members will bolt. The possible reward is that you will win back control of your forum. As I said before, this is all about control of the forum, something that it sounds like you ceded a long time ago. A sense of ownership is a sign of a healthy community . But I guess it depends on what the community feels it owns.

If all goes well you will have given birth to a better community culture that may encourage more members to participate. I have a feeling that there may be many members who are afraid to post in a wild forum. I get those flamed and timid forum refugees all the time.

But there are no guarantees, because as you probably are aware, this could backfire on you and the community could move elsewhere. It's a very tough spot.

Your other option is to approach from the opposite direction. Make this person a moderator with slightly elevated privileges, though you remain admin and in full control. Provide the courtesy guidelines you want observed then put him in charge of that task.

SOMETIMES (not always) when given responsibility folks will grow and fly right. And if the critter doesn't, you not only take away the mod privileges, you nuke the account as well.

One option is to create a policy that all members must abide by, which includes a statement banning rudeness. But this means that ALL instances of rudeness must be diligently removed. There must also be a way for members to report rudeness. Additionally, all members must be encouraged to refrain from rudeness and to trust in the moderators to whack any rudeness shown to them.

This is actually something we've discussed, and I like the idea, but it has 2 inherent problems for me:

1. The idea of "rude" is totally subjective, and I can't guarantee that what I think is rude today is what I'll think is rude tomorrow.

2. I have about 10,000 posts a day, and I simply can't read everything so I rely on users to report problems. But VERY few people report things! Nobody wants to be a snitch... they always wait for it to get out of hand, and by that time people have already left and I can't get it under control.

Worse, the people that do report things (like this particular troll) go to the opposite extreme; eg, "he called me 'cupcake', do your job!" to which I sometimes have to reply, "yeah, but... your username is 'cupcake eater', so I don't think that's exactly trolling..." So, of course, he claims I'm showing favoritism. But I end up spending a lot of time reviewing things that shouldn't be reviewed, and not enough time getting reports of the real problems.

Your other option is to approach from the opposite direction. Make this person a moderator with slightly elevated privileges, though you remain admin and in full control.

I'll be honest... that's really tempting. I've had a LOT of examples over the years where trolls grew up and turned in to good users, and I'd be the happiest if I could find a way to convert these guys.

Well, I r 1 and if it can happen for an old phart like me, lightning could strike again.

You won't know until you try.

BUT, if you do it, have a CLEAR POLICY established and a complete meeting of the minds in that regard, else it is an exercise in futility.