Based on testing that I've done with this and other boards, the false-positive rate is a little too high (somewhere in the region of 20-25% of all flagged email/IPs). These figures were ascertained by conducting a cohort study where we tested people's IPs/emails and allowed them to register anyway, extracted the logfile, then followed them to see if they were ultimately banned for spamming. Obviously, your mileage may vary according to your users, but that is our experience.

If we implemented this mod on a reasonably busy board (100-150 registrations per day), we would expect to have a significant number of genuine people denied registration to our site. While the benefits may lead some to conclude that it's a sacrifice worth making, I'm a little less willing to break more eggs than necessary when making this omelette.

As a matter of good 'customer service', we would be prepared to whitelist IPs and emails from people who got in contact with us, then instruct them to try again.

I realise that others have suggested manually creating user accounts for people who fail the SFS check, but on a busy board that would eat up any labour-saving efficiencies that this mod brings. It's also impractical to be disabling and re-enabling the mod to permit people to get through.

I'm not the only one asking for this, which leads me to believe that either we're all misunderstanding the nature of the mod or that we're all seeing a fairly obvious gap - as did the original author when coding for v0.7.

the problem is if you think there are false positives, then report them to their DNSBL provider, the IP address can be removed but it takes 24hr to propagate for removal
this mod is not responsible for the false positives, its the users reporting them to SFS

Turned this on yesterday and it's blocked over 15,000 registrations in something less than 24 hours. (I assume many of these would have been blocked already with our human verification options, but many would have gotten through too, so this is a big plus.)

However, we've also had one real user (presumably) mail us saying he couldn't create an account. So what do you do to get a real user access?

its easy to get their IP removed, first of all i can help you with that PM me and i'll send you details on how to get his IP unblocked

Great! Will do. (I'm currently waiting to get info on who he is back, so I can correlate that with the blocking info in the log.)

I think you should use just the IP and email check, no username check, it works for me

Yes. You will get a LOT of false positives if you enable name check.

I agree, only use IP and email check. never use username check.

Well, things worked great for a bit less than 4 days, then I started getting:
And all the spam is flooding in again. What happened!?

you need to update the api address from stopforumspam.com to api.stopforumspam.com the aapi is no longer updated from stopforumspam.com