Allow server staff to customise who can send direct messages from their server
TL;DR: As it is currently essentially impossible to manage "DM bot raids" due to issues with Discord rate-limiting moderation bots, server staff should be able to prevent users without a specific role from DMing other members in their server by default, which can be disabled by individual members if they choose.
Today, a large server that I own was raided by over 200 bots that joined at the same time to mass DM our members with a Bitcoin-related scam. Unfortunately, it is currently too difficult for us to handle a situation like this properly without using an overly strict moderation level that requires all new members to have an account with a verified phone number, which shouldn't be necessary and is not a permanent solution.
Currently, the only theoretical solution for this specific scenario is to write a bot that automatically kicks users when too many join at once. The issue with this is that in addition to potentially having false positives, it wouldn't actually be an effective solution during a raid as Discord rate limits our bot after kicking around 10 users, which gives the remaining bots plenty of opportunity to continue sending DMs to our members before they are kicked.
I believe that the best way to solve this problem is to give server staff the opportunity to set a default role requirement that members need to meet before they can DM other server members. For example, someone joins a server and immediately tries to send a DM to a member, but this fails because they do not have the "Verified" role that they need to have full access to the server.
To prevent potential abuse from certain servers, this would simply be the default setting for a user when they join the server. If the user wants to allow other members to send them a DM, they can simply change this in their privacy settings, which will allow them to receive messages from any members, but also leaves them prone to potential scams like this.
With this feature, server staff would be completely capable of preventing situations like this in the future, as they would be able to protect the vast majority of their members by forcing bots to go through some sort of verification process before they're given the role needed to contact most members. This will not only prevent people from leaving large servers out of annoyance, but will also drastically reduce the amount of people that are affected by scams of this nature.
An example of how this new feature could be used:
When a user joins a server, they are told to agree to the server rules before being allowed to enter the server. Upon agreeing, more features could also be used to deter bot accounts, such as a CAPTCHA system. Once the user has verified that they are a real person, they are given a "Verified" role. As set by default, this user will now be able to send a DM to the majority of our members rather than being unable to send a DM to anyone other than those that have specifically disabled this feature in their settings.
One of the messages in question:
-
how did this not get implemented? its SUPER necessary
1 -
two other threads have posted similar posts, this is super important! i hope this gets added!
Would exponentially reduce the number of spam, hacking, targeted harassment and scams that happen on servers small and large.
0
Please sign in to leave a comment.
Comments
2 comments