Add "DM other users" as permission for roles


15 yorum

  • Reg

    Yes please.

    Yorum işlemleri Permalink
  • CryptoMaximalist

    It should also respect the setting "Do not allow sending messages for 10 minutes" and prevent sending DM messages to server members

    Yorum işlemleri Permalink
  • Pirate King Online

    Please Implement this ASAP!

    It's annoying to see Bot's raiding your discord server just to send ADs to your whole community.

    This raid Bot's even manage to escape the welcome/captcha channel and send Direct Messages to all our users without even seeing them in group/online list.

    Yorum işlemleri Permalink
  • Partydragen

    Yes please do this suggestion mainly to avoid those bots! 

    As moderation verification level support that to disallow dm it should not be much harder to add permission well? or add a option to disallow dm if user don't have any roles

    Yorum işlemleri Permalink
  • DrBot

    This is definitely a huge issue on my guild. It gets raided often with advertising selfbots. Hundreds of them will join the guild and each of them will dm a few members of the guild. I turned on the double table flip verification level to hopefully stop these adbots, but that didn't stop them. Somehow they have verified phone numbers.

    Building on your suggestion, I think it's fair to let players without this permission to still be able to dm bots since that isn't bugging anyone. It's also a method of obtaining roles for some servers. My server for instance, uses DiscordSRV so roles are obtained by dming a bot.

    There is also one thing I would like to change. You said that this should block dms if the user is lacking the dm permission in any other of their mutual servers. If we do this, players could just leave the server where the permission is denied to them, and that would then let them be able to dm the other player. I think it makes more sense if players were able to dm other players as long as they have the dm permission in at least 1 mutual server.

    The problem is bigger than just spam and ads though. Less than a month ago, the SpeakJS server of over 10 thousand members was the target of one of these attacks where hundreds of adbots raided the server, each dming a few other players the typical scam - "You have been randomly selected... You won 0.6711 BTC... Sign up on..." It's more than just a preference or a bug. People could seriously get scammed with something like this if more people start to use these selfbots. Discord, please implement this fix.

    Yorum işlemleri Permalink
  • tldrross

    Hi! I'm Ross from TLDR News,

    Our server currently has 3300+ users and is growing at a healthy rate. We've recently run into an issue with our server being targeted by bots along the same lines as previous comments above. Having the ability to only allow our users to DM each other once they gain a certain role or even after a time period has passed. This would be super beneficial at tackling this recurring issue regarding bots or users with advertising intentions from harassing our active users. 

    Commenting here to show our support for this feature! 

    Discord please implement a workaround for this. 

    Yorum işlemleri Permalink
  • Skye

    banning the selfbots and the raid bots should be a #1 priority for discord until this permission is added.

    Yorum işlemleri Permalink
  • Developer


    I would suggest that each and every Discord user who faced problems with self and raidbots comment here to get Discord Developer's attention to these problems and a simple solution provided by community.

    Yorum işlemleri Permalink
  • tldrnelson

    I'm a proud colleague of @tldrross, and just wanted to add my two cents. 

    In a week where Twitter themselves was targeted in a large scale attack, it is only right that the matter of DM security is of utmost importance; when it comes to the incident on our server, the bots in question were pushing cryptocurrency scams which could have been detrimental for anyone who may have fallen for it - whether in our server or beyond.

    It was ultimately due to the quick thinking of our moderation team that the incident was able to be isolated - but this still took an immense amount of time out of our schedules. Personally taking the lead in resolving the incident, I had to *manually* ban 51 bots. 

    The issue being, as others have highlighted, a simple and practical solution exists: making the option of direct messaging other users a specific role permission, or otherwise just not making it the default option! This ought to be implemented without delay.


    Yorum işlemleri Permalink
  • Yvo

    Hey there! Yvo here, moderator from TLDR News Discord.

    This issue sort of haunts me since I started building own Discord Servers and / or being a moderator; I have witnessed several bot incidents, as described by Nelson and Ross as well as earlier commenters.

    It also broke off some discussion about the connection, or rather the inexistent connection between DMs and server permissions. As servers do act as an "address book" for bots to source DM contacts I believe that the "shared servers" feature should be extended so that direct contacts (if they only exist over one server, or multiple servers with the permission turned off) are not possible unless proactively accepted. As already possible in the user-side feature of blocking DMs from certain servers, just server-side.

    I see the differentiation between server roles and private settings but do urge you to issue some sort of preventive system other than having to rely on personal user action as in that case personal responsibility comes flying back at server owners and / or moderators.

    Yorum işlemleri Permalink
  • TheFlyingP1g

    Hi all, I’m also a moderator on the TLDR News Discord.

    I do wonder if you are facilitating GDPR violations with these unsolicited scam messages being sent over your platform. I’m not sure whether that puts you in the wrong, however it certainly should be something that you should be actively moving to prevent. If you want to have advertisement on your platform then do it right and don’t allow it to be sent for free.

    Yorum işlemleri Permalink
  • Knight

    Hi everyone I'm Knight a moderator on the TLDR server.

    The issue that we had with the immense amount of bots was extremely frustrating to say the least.

    In a matter of minutes the server had been reduced to anarchy with users all enquiring as to what was happening.

    I fear that if not for our excellent moderation team and the better judgement of our users incredibly bad things may have happened.

    A possible fix I may suggest is that the user wouldn't be able to receive messages as the default option then they can enable messages from specific server at their own will.

    Yorum işlemleri Permalink
  • Agent Thonk

    With this permission implemented, we'll be able to secure our server members even further from trolls and scam bots. I have my fair share of bots joining in to advertise scams and people spamming my DMs despite being unverified. I think this should also be log-able for Moderation bots like MEE6 or Dyno that way, Server Moderators can immediately look into the DM and ban the member or bot if it's a valid reason, say spamming or is a Self Boat. But a flaw to this would be privacy. I don't really feel secure with Mods being able to see the DMs of others. 

    Yorum işlemleri Permalink
  • Developer

    Agent Thonk

    Let's clarify how this can work.

    So we have a `newbie` or `everyone` role.

    This role cannot DM anyone when the flag is set unless they are friends. But they also can send friend requests to other server members as long as their settings allow that (optimally?).

    A Bot can DM such members because it's a 'Verified' Bot. It can be MEE6 or Dyno or a custom one, does not really meter.

    Once the server member is promoted to a role where the 'DM others' is allowed, they will be able to DM other server members as long as their settings allow that.

    There are Zero privacy risks of any kind.

    It's a simple as 'Server Privacy' -> 'Allow direct messages from server members' that disables this setting per role even if a member allowed DMs.

    Yorum işlemleri Permalink
  • Darkflame

    Hey, I'm a mod on a sizeable Rocket League community Discord where we've also been having this exact issue, apparently along with a number of other RL servers. I tell you, it's a chore going through the list and banning them individually. We've increased our moderation settings and still hasn't helped us, and I definitely think that having a permission for DM-ing other users should be something we can enable or disable on a server or even per-role basis.

    In our example, these bots named "gift bot" or "gift bot (RL)" have been joining our server in batches of fifty and spamming random users with a message telling them they have been gifted a free in-game item! They are given an item code and a link, which I'm told tries to get them to sign in to a fake Steam page to hijack their account. This might sound like it's far too obvious a scam, but RL has a playerbase which is quite young and potentially naive. As well as this, Rocket League does have an item rewards scheme that ties into their pro-league Twitch streams, which at one point (no more, thankfully) did use a bot to inform you you'd been given an item. I can see some fans being primed to think maybe an account that purports to be a bot and uses Psyonix's (the game developer) logo could be legitimately giving items to fans in RL communities.

    Obviously, to people who have seen these kinds of things before, this is not the case, it's clearly a scam. But like I say, a lot of kids, and actually a lot of naive people who aren't kids but still don't think too critically about this kind of stuff. As mods we should be limiting the opportunity for people to be able to do these kinds of things, right? So I find it frustrating that these bot accounts are so pervasive and hard to keep away, but we have banned something like 200 of them over the past few days.

    Our mods have talked about what the problem might be and if there's a way we can work around it with the tools we have. None of our permissions seem to apply to this issue. Being able to control who can DM people on our server would be helpful, but even then that might not solve the problem. One of us wondered if they were just joining the server as a way of getting to the user list, in which case we'd need a way to stop new unconfirmed accounts from seeing who is on our server. If this is possible with roles, it'd require some convoluted setup. Perhaps we have to create a new user room for the default role then give every user a non-default role that is unable to read messages from or interact with the new user room. Would that be a doable workaround?

    Seriously I'm so tired of banning fifty identical bot accounts every day or two, you guys.

    Yorum işlemleri Permalink

Yorum yazmak için lütfen oturum açın.