Effective methods for identifying and blacklisting users
I'm currently looking at different ways to use various web/internet technologies in order to be able to identify and blacklist a user of a website rather than the host. If that didn't make much sense, let me explain a little:
As you might be aware, some sites (particularly forums and message boards) have the unwelcoming visit of spammers every so often. Obviously forum moderators are able to blacklist any accounts used to do this, but it's what occurs after this that's the problem.
In many cases, the same user is able to bypass blacklistings, create a new account, and continue on their rampage. Of course, there are some tools such as IP address blacklists, but anyone who is even a little bit knowledgeable about the Internet will typically know how to obtain a new address, and once again be able to bypass the ban meant for them.
Another interesting method I've seen is using a unique encrypted cookie to (at least) identify the host used by a blacklisted user. That is, when the user is blacklisted, the server-side makes note of the value in the cookie, so that next time the same host is used to create a new account, the cookie is sent back to the server which can then identify that they're bypassing a blacklist. But again, the problem is that adept users are able to delete the browser's cookies, allowing them to once again become anonymous.
So I'm looking for different methods of being able to enforce such a blacklist, if one even exists. I'm aware of other browser storage methods such as localStorage, and even plugin-based ones such as "Flash cookies", so anything similar to these kinds of ideas is preferable (although ideally, it would be great to be able to make successful identification by just using regular HTTP technologies, i.e. without JavaScript, Flash, etc...).
There's also a fair bit of thinking in terms of "well sure, the idea may not be 100% foolproof since the user could change or delete various settings, but if they don't understand or realise that it works that way, then it works". What I mean here is, just like the example I gave above about the use of cookies; even though cookies can be deleted, if the user doesn't understand that they're being used that way, then the blacklist remains enforced.
You may be interested by this website http://panopticlick.eff.org/, and by the report containing some mathematical things about the way to fingerprint a browser based on all the data collected.
You can check as well tools which used new HTML5 database storage, like the one used by ringleaderdigital; here's the opt-out link that may be useful for everyone, as the better privacy plugin for Firefox.
This reading can give you quite a lot of technical details on how to use LSO Flash cookies or local databases. And as you can read there or on the Wikipedia page on LSO, some JavaScript tools can be used to handle Flash cookies, like the Dojo framework.
You should try to handle the "Do Not Track" policy, see the FAQ. Users will send headers telling you you shouldn't try to track them. In terms of blacklisting this can become a problem. Maybe you should try to build the tracker, compare it to blacklist and throw it if you cannot find him there.
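
An added example, not part of the original question or answer: a server-side sketch of the cookie check from the question combined with a passive, HTTP-only fingerprint and the "compare, then discard" handling of `DNT: 1` suggested above. It uses an HMAC-signed cookie rather than an encrypted one; the key, header set, function names and the block/review/allow outcomes are all assumptions made for illustration.

```python
import hashlib
import hmac

# Assumption: server-side secret; constructed value for the example only.
SERVER_KEY = b"example-key-rotate-me"

# Headers sent on every request, usable without JavaScript or plugins.
PASSIVE_HEADERS = ("user-agent", "accept", "accept-language", "accept-encoding")


def fingerprint(headers):
    """Keyed hash over the passive header values (header names case-insensitive)."""
    norm = {k.lower(): v.strip() for k, v in headers.items()}
    material = "\n".join(f"{h}={norm.get(h, '')}" for h in PASSIVE_HEADERS)
    return hmac.new(SERVER_KEY, material.encode(), hashlib.sha256).hexdigest()


def issue_cookie(device_id):
    """Signed cookie value, so a client cannot forge or alter the identifier."""
    tag = hmac.new(SERVER_KEY, device_id.encode(), hashlib.sha256).hexdigest()
    return f"{device_id}.{tag}"


def read_cookie(value):
    """Return the device id if the signature verifies, else None."""
    device_id, _, tag = (value or "").rpartition(".")
    expected = hmac.new(SERVER_KEY, device_id.encode(), hashlib.sha256).hexdigest()
    ok = device_id and hmac.compare_digest(tag.encode(), expected.encode())
    return device_id if ok else None


def check_signup(headers, cookie, banned_ids, banned_fps, seen_fps):
    """Decide on a registration request: 'block', 'review' or 'allow'."""
    if read_cookie(cookie) in banned_ids:
        return "block"    # the cookie survived: strongest signal available
    fp = fingerprint(headers)
    if fp in banned_fps:
        return "review"   # many users share these headers, so never auto-block
    dnt = {k.lower(): v for k, v in headers.items()}.get("dnt") == "1"
    if not dnt:
        seen_fps.add(fp)  # retained only when the client did not send DNT: 1
    return "allow"
```

A fingerprint match is routed to moderator review rather than an automatic block because these four headers alone are shared by many unrelated visitors.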