tech · January 29, 2026

Fighting Spam at Scale: How DEV Uses Gemini (and What You Can Copy)

DEV cut spam by combining classic rules with Gemini 3. Here’s the architecture, prompts, false-positive safeguards, and a practical blueprint you can apply to your own community.

## Spam isn’t a bug: it’s a business

If you run a community, a forum, a SaaS with comments, or even a simple contact form, you’ve seen it: spam comes in waves. It eats time, kills trust, and burns out moderators.

DEV (and the broader Forem ecosystem) dealt with this pain for years. Their recent write-up explains how they’re using a hybrid moderation system—classic detection signals plus a large language model (Gemini 3)—to remove “obvious junk” before a human moderator ever has to look at it. The goal is straightforward: reduce moderator burnout and keep the platform usable. Source: DEV Team article Fighting Spam at Scale: How We Use Gemini to Protect the DEV Community (Jan 2026), plus Google Cloud documentation on Gemini for filtering and moderation in Vertex AI.

What matters here isn’t “we added AI.” It’s how they did it without drowning in false positives or blowing up costs.

## What DEV got right (that most teams miss)

### 1) You won’t win with a single model

DEV doesn’t send every post to Gemini with “tell me if this is spam.” They use a hybrid approach:

  • Algorithmic filtering up front: rules, signals, patterns, domain detection, repetition, suspicious behavior. Cheap and scalable.
  • Gemini 3 for judgment calls: ambiguous cases where you need to understand intent, relevance, and quality.

This is the right play because spammers win on volume. If you pay an LLM for every post, you’re basically funding the attacker. If you rely only on heuristics, you’ll get bypassed.

### 2) The priority is “no false positives”

DEV explicitly prefers letting some spam slip through rather than removing legitimate content. That may sound counterintuitive, but it’s the only sustainable stance for community trust.

  • a legitimate newcomer gets shadowbanned,
  • a useful post disappears,
  • users conclude “this place censors randomly.”

Trust is your #1 asset.

### 3) Author context changes everything

DEV built an internal service called `ContentModerationLabeler` to assemble context for the model:

  • account age,
  • contribution history (posts/comments),
  • badges/activity,
  • profile summary.

A borderline post from a long-time contributor shouldn’t be judged like a post from an account created two hours ago.

That’s exactly how good fraud systems work: score the entity, not just the event.

## The copyable architecture: a 4-layer anti-spam pipeline

Here’s a pragmatic blueprint you can apply even in a small team.

### Layer 1 — Basic hygiene (free and immediate)

  • Rate limiting (by IP, account, endpoint)
  • Email verification + friction for new accounts
  • reCAPTCHA/Turnstile on sensitive forms
  • Block known spam domains (denylist)

This alone can remove 30–60% of noise without any AI.

### Layer 2 — Heuristics & signals (low-cost, high ROI)

Useful signals include:

  • link-to-text ratio
  • repeated phrases (“Earn $$$ fast”, “crypto airdrop”, etc.)
  • similarity to other posts (hashing, embeddings)
  • posting velocity (10 posts in 2 minutes)
  • language/community mismatch

  • 0–30: allow
  • 31–70: review
  • 71–100: auto action (quarantine/remove)
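A minimal Layer 2 scorer, added here as an illustration and not taken from DEV's code. It combines three of the signals listed above (link-to-text ratio, repeated phrases, posting velocity) into a 0–100 score and routes it through the three bands; the weights, the phrase list and the sample posts are constructed assumptions.

```python
import re
from dataclasses import dataclass

# Constructed phrase list and weights (assumptions); tune on your own labeled data.
SPAM_PHRASES = ("earn $$$ fast", "crypto airdrop")
URL_RE = re.compile(r"https?://\S+", re.IGNORECASE)

@dataclass
class Post:
    text: str
    posts_last_2_min: int  # posting velocity for the author's account

def link_ratio(text: str) -> float:
    """Share of whitespace-separated tokens that are URLs."""
    tokens = text.split()
    if not tokens:
        return 0.0
    return sum(1 for t in tokens if URL_RE.match(t)) / len(tokens)

def score(post: Post) -> int:
    """Combine the signals into a 0-100 suspicion score."""
    s = 30 * min(link_ratio(post.text) / 0.5, 1.0)        # saturates at 50% links
    lowered = post.text.lower()
    s += 35 if any(p in lowered for p in SPAM_PHRASES) else 0
    s += 35 * min(post.posts_last_2_min / 10, 1.0)        # 10 posts in 2 minutes
    return round(min(s, 100))

def route(s: int) -> str:
    """Bands from the post: 0-30 allow, 31-70 review, 71-100 auto action."""
    if s <= 30:
        return "allow"
    if s <= 70:
        return "review"
    return "auto_action"

# Constructed sample posts.
SAMPLES = {
    "legit": Post("I wrote up how we migrated our Rails app to Postgres 16, "
                  "notes are at https://example.com/pg16", 1),
    "gray": Post("Great tips! More at https://example.com/a https://example.com/b", 4),
    "wave": Post("Earn $$$ fast with this crypto airdrop "
                 "https://example.com/x https://example.com/y", 10),
}

def run_samples() -> dict:
    return {name: (score(p), route(score(p))) for name, p in SAMPLES.items()}

if __name__ == "__main__":
    for name, result in run_samples().items():
        print(name, result)
```

Only the "review" band would go on to the LLM in Layer 3; the other two bands are decided without a model call.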

### Layer 3 — LLM (Gemini) to decide ambiguous cases

This is where DEV plugs in Gemini 3: send only content that’s “suspicious but not obvious.”

  • classify (spam / low-quality / legit)
  • return a confidence score
  • provide 2–3 bullet reasons for internal auditing (not user-facing)

Gemini is also positioned in Google Cloud as a tool for filtering & moderation (Vertex AI) to enforce input/output guardrails, brand safety, and content policies (source: Google Cloud Vertex AI docs, Gemini for filtering and moderation).

### Layer 4 — Humans + feedback loop

  • Prioritized moderation queue (the gray zone)
  • Community reporting (“this is spam”) with anti-abuse controls
  • Full logging: prompt, response, final decision
  • Iteration: update rules and prompts continuously

DEV mentions ongoing prompt and algorithm tweaks—expected, because spam tactics evolve.

## The core: a moderation prompt that doesn’t hallucinate intent

The common failure mode is a vague prompt that makes the model invent motives.

  • a dedicated “content moderation” label
  • explicit criteria: safety, quality, authenticity, community relevance, promotional spam signals
  • inclusion of author context

A copyable prompt (pseudo):

> You are a moderation classifier. Using the content and author context, return:
>
> 1) verdict ∈ {legit, low_quality, spam}
>
> 2) confidence ∈ [0,1]
>
> 3) reasons: 3 factual bullets grounded in the text (no free inference)
>
> Rule: minimize false positives. If uncertain, choose “low_quality” over “spam”, or “legit” if there’s no clear indicator.

That “minimize false positives” principle is explicitly aligned with DEV’s stance: “Err on the side of ‘no false positives’…” (source: DEV Team article).

## Why now? The recent spam reality

DEV notes that the volume of content labeled as spam peaked in summer 2025, before the new systems fully rolled out (source: DEV Team article summary). That tracks with the 2024–2025 explosion of content farms and scripts producing “human-looking” posts at scale.

  • mass-generated content,
  • fake tutorials,
  • disguised promotions,
  • semi-legit accounts that warm up and then spam.

That’s where an LLM helps: it can assess quality and intent better than regex.

## How to apply this in your business (without DEV-scale infra)

### Use case 1 — B2B SaaS support tickets

  • Layer 1: add friction to public forms
  • Layer 2: score by links, repetition, domains
  • Layer 3: Gemini classifies “legit vs spam vs phishing”
  • Output: auto-close + tag + security alert for phishing

### Use case 2 — Marketplace listings / directories

  • LLM detects copy-paste listings, inconsistencies, unrealistic promises
  • Auto-quarantine if confidence > 0.9
  • Otherwise publish with reduced visibility until trust increases

### Use case 3 — Community (Discord, forum, comments)

  • Embeddings + similarity to catch waves
  • LLM only above a suspicion threshold
  • Progressive enforcement: limit first, ban on recurrence

## Anti-bullshit guardrails (or you’ll break trust)

1) Don’t let the model take final action without thresholds. The model advises; your system decides.
2) Log everything for audits and appeals.
3) Prefer quarantine over deletion for borderline cases.
4) Measure false positives, moderator time saved, residual spam.
5) Control costs: call Gemini for only 5–20% of content (ambiguous cases). Everything else is heuristics.
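One way to enforce guardrails 1 to 3 in code, added here as an illustration and not taken from DEV's system: the model's reply is parsed as untrusted input, anything malformed falls back to human review, and the strongest automatic action is quarantine. The JSON reply shape, the 7-day "new account" cutoff and the sample replies are assumptions; the 0.9 threshold is the one quoted in use case 2.

```python
import json

VERDICTS = {"legit", "low_quality", "spam"}
AUTO_QUARANTINE = 0.9    # "auto-quarantine if confidence > 0.9" from the post
NEW_ACCOUNT_DAYS = 7     # assumption: cutoff for a "new" account

def parse_model_output(raw):
    """Return (verdict, confidence, reasons), or None if the output is malformed."""
    try:
        data = json.loads(raw)
    except (TypeError, ValueError):
        return None
    if not isinstance(data, dict):
        return None
    verdict, conf, reasons = (data.get(k) for k in ("verdict", "confidence", "reasons"))
    if not isinstance(verdict, str) or verdict not in VERDICTS:
        return None
    if isinstance(conf, bool) or not isinstance(conf, (int, float)) or not 0 <= conf <= 1:
        return None
    if not isinstance(reasons, list) or not all(isinstance(r, str) for r in reasons):
        return None
    return verdict, float(conf), reasons

def decide(raw, account_age_days, audit_log):
    """The model advises, this function decides. It never deletes."""
    parsed = parse_model_output(raw)
    action = "human_review"  # default: malformed output and gray-zone cases
    if parsed is not None:
        verdict, conf, _ = parsed
        if verdict == "legit":
            action = "publish"
        elif verdict == "spam" and conf > AUTO_QUARANTINE and account_age_days < NEW_ACCOUNT_DAYS:
            action = "quarantine"
    audit_log.append({"response": raw, "account_age_days": account_age_days, "action": action})
    return action

# Constructed model replies (not real Gemini output), paired with account age in days.
SAMPLES = [
    ('{"verdict": "spam", "confidence": 0.97, "reasons": ["only a promo link"]}', 0),
    ('{"verdict": "spam", "confidence": 0.97, "reasons": ["only a promo link"]}', 900),
    ('{"verdict": "spam", "confidence": 0.6, "reasons": ["thin content"]}', 0),
    ('{"verdict": "delete_user", "confidence": 1.0, "reasons": []}', 0),
    ('Sure! Here is my verdict: spam', 0),
]

def run_samples():
    log = []
    return [decide(raw, age, log) for raw, age in SAMPLES], log

if __name__ == "__main__":
    print(run_samples()[0])
```

The same high-confidence spam verdict quarantines a brand-new account but only queues a 900-day-old one for review, which is the author-context point from earlier in the post.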

## Why this is an opportunity (not “AI will kill communities”)

A lot of AI moderation discourse is pure FUD. In practice, used well, AI protects communities and gives time back to humans for what matters: nuance, education, and culture.

DEV’s approach is pragmatic: automate the obvious, keep humans for the subtle. That’s exactly the strategy you want as a founder: efficiency first, without sacrificing trust.
