On 6/11/09 2:48 PM, Paul Kinlan wrote:
You could do the "Stackoverflow" method of quietly silencing/ignoring the users that are spamming/abusing the system which is why I suggested not sending the "XYZ is now following you" email for people that look like they are abusing the system.
Absolutely. There should be a silent rate limit around following - normal human activity shouldn't really be >1 follow per second, and no more than 100 in a 5 minute period, reasonably. (We can argue about the fine-tuning of these numbers, but lets agree that we need both of these metrics.)
Next, we stop making "follow" a realtime event, and instead hold them in a queue. Normally, they get released from the queue as normal after 30 seconds - unless either limit above gets violated. In the case either limit is violated, the _account_ gets flagged, and then any follow requests that are released from the queue from that point on no longer trigger a following notification to the followee if they're configured to receive them.
In the case where legitimate use possibly crosses the path and gets flagged, simply clear the flag after 72 hours or some long-enough period for humans to identify actual spam accounts to get them suspended, but where a legitimate user will continue to use the account normally.
-- Dossy Shiobara | do...@panoptic.com | http://dossy.org/ Panoptic Computer Network | http://panoptic.com/ "He realized the fastest way to change is to laugh at your own folly -- then you can let go and quickly move on." (p. 70)
