AOL ip addresses and forum bans

I’m head admin at a little, 2000 member-or-so message board. Our members are mostly well behaved, and even protective of their little community, but occasionally some one breaks the user agreement, and depending on how severe the infraction or how often they’ve done it after being warned, their accounts end up suspended.

Part of our user agreement is that creating new accounts to post with after your old account was suspended, is an offense that merits being banned by ip, so you cannot even read the forums. IP banning prevents any more accounts from being made, naturally.

Normally, this is peachy. Few people get suspended at all, and few of those are willing to risk being banned more severly for a longer time by ban-dodging with a new account. Very very few are actively out to cause trouble and make repeated accounts to post naughty things, and these generally get nailed by ip bans.

AOLl users are different. AOL assigns completely dynamic ip’s. At best, the first digit is a constant, and that digit is shared with dozens of innocent users who’d end up banned if we blocked that static digit and used wildcards for the rest of the ip. Effectly, if an AOL user wants to attack our forums, making new accounts each time we suspend them, we cannot stop them without banning a large chuck of our community along with them, or by suspending registration ( not really an option with several new users coming by every day).
Is there any way around this? Our tech guy had the skills to create our forums more or less from scratch, making them unique…but finding a means to keep out a single problem user from AOL without keeping everyone on AOL out is beyond him. Does anyone here have a solution?

One possibility might be to require a valid email address for registration, and only allow one user per email address. To make this work, however, you need to disallow email addresses from places like Hotmail and Yahoo. Basically, disallow addresses from any service that allows users to register free email addresses.

It’s still not a bulletproof solution, but it would probably cut down on people casually re-registering.

We do restrict to one registration per email address, but allow yahoo, hotmail, aol, etc. Our users are mostly 13-18 years old, so free email addies are often their only option. Mom and Dad don’t want them using the isp account.

Again, it comes to a balance between keeping troublemakers out and letting innocent users in.

Can you ask for an address and ph# then do a search using an online reverse phonebook to verify the ph# matches the address?

The problem with that method is that all it takes is access to a phonebook (which everyone has) to create a new identity.

I really don’t think that there is any good method. It’s just one of those things that you have to deal with.

It just seems that there should be some solution, or this would be a bigger problems for popular message boards. SDMB gets tons more traffic than we do. I can’t imagine that our mere 2000 teenagers can have thought of ways to cause trouble that a board the size of SDMB hasn’t dealt with and solved.

What makes you think that the SDMB has solved the problem? I’m a moderator on another, meduim-sized messageboard, and we have the same issues there. There is simply no way to limit someone to a single account as long as they have access to both multiple IP addresses and multiple email addresses.

The solution is that you have to handle this type of thing manually. It’s one of the jobs that an admin has to do in keeping up with a message board.

I’m having a similar problem with forums I moderate - manual monitoring and blocking seems to be the only option :frowning:

It’s hardly an AOL-specific problem, by the way. Dial-up users virtually always get dynamic IP addresses, and even cable and DSL accounts are often not guaranteed to be static (although they may be in practice, as long as you connect often enough).

So I’d say that for home users, dynamic IP is the norm rather than the exception. It’s just that AOL is so large that the chance of blocking innocent users is much greater than when you block some small-fry ISP in Fort Yukon. But for all you know, you may already have prevented some potentially valuable new members from discovering your board…

If the troublemakers are not very smart, you may be able to identify them (actually, their machines) with cookies or web bugs. Otherwise, I agree with the others that manually deleting troll posts is just something you’ll have to live with.