What's with the spam????
Posted: Thu Aug 10, 2006 1:40 pm
Anyone know why so much spam is filtering into the list lately?
D.K
D.K
Moho Forum
What's with the spam????
Page 1 of 1
Posted: Thu Aug 10, 2006 1:51 pm
Well, a failure of the spam filters! One of my brothers has been telling me about his constant battle against comment spam for years. They come up with something new; so do you... On and on. It never ends. Not much you can do but try and outsmart 'em, and they'll still find a way around pretty quick. The morons have the numbers, I suppose.
Posted: Thu Aug 10, 2006 3:15 pm
PArt of the reason is my internet connection was out during the day - so I didn't manage t oget ém on my shift - I'm now home so its been cleaned up.
It's not helped by the russians having a major spamfest over the past few days - they got my site too. I'm upgrading to 2.0.21 tonight so I might be able to report if the ipgrade has worked.
I'll talk to the php guys on thier forum and see if anyone has ideas to whose machine is doing all the damage. Whatever the spambot involved is, its bypassing the visual identification process. I have blocked all registration from *@*.ru - it helps but is not foolproof.
Give them a week and hopefully they will have cracked the loophole the bots are using.
Rhoel.
It's not helped by the russians having a major spamfest over the past few days - they got my site too. I'm upgrading to 2.0.21 tonight so I might be able to report if the ipgrade has worked.
I'll talk to the php guys on thier forum and see if anyone has ideas to whose machine is doing all the damage. Whatever the spambot involved is, its bypassing the visual identification process. I have blocked all registration from *@*.ru - it helps but is not foolproof.
Give them a week and hopefully they will have cracked the loophole the bots are using.
Rhoel.
Posted: Sun Aug 27, 2006 1:53 pm
we need spam busters..
now they are sending random bad jokes..
now they are sending random bad jokes..
Posted: Mon Aug 28, 2006 3:48 pm
and bad jokes suck
Posted: Mon Aug 28, 2006 10:05 pm
Ibis at flashfilmmaker.com has just tried something new which might be workable. You can read it here
http://www.2dcgi.com/forums/index.php/t ... 0.new.html
Basically he has gone to a paid membership or by invitation only mode to post, all can view. Before you scream read it. The basic idea is sound. Even a minimal fee of a few cents might make it hard and costly for spammers to flood forums with posts. If they have to go through paypal, credit card or another pay option that will also have built in processes that will make identifying them easier and like cockaroaches they won't like the light.
http://www.2dcgi.com/forums/index.php/t ... 0.new.html
Basically he has gone to a paid membership or by invitation only mode to post, all can view. Before you scream read it. The basic idea is sound. Even a minimal fee of a few cents might make it hard and costly for spammers to flood forums with posts. If they have to go through paypal, credit card or another pay option that will also have built in processes that will make identifying them easier and like cockaroaches they won't like the light.
Posted: Mon Aug 28, 2006 11:52 pm
I got banned from Flashfilmaker just as I was in the middle of an interesting thread about Moho and Flash.
It's not fair to punish new members for the sake of spam.
Even if it's only pennies, people aren't going to give out their credit card numbers, or any other bits of sensitive information for the right to post on a forum.
Paid membership eliminates spam at the expense of new visitors who are genuinely interested in signing up, and there will be a lot of interest once Anime Studio is released.
The spam IS annoying but may be the lesser of two evils. Unless there is registration software that can successfully filter out the bots.
It's not fair to punish new members for the sake of spam.
Even if it's only pennies, people aren't going to give out their credit card numbers, or any other bits of sensitive information for the right to post on a forum.
Paid membership eliminates spam at the expense of new visitors who are genuinely interested in signing up, and there will be a lot of interest once Anime Studio is released.
The spam IS annoying but may be the lesser of two evils. Unless there is registration software that can successfully filter out the bots.
Posted: Tue Aug 29, 2006 2:42 am
I'm not saying it is right for this forum, still it is a solution that will work. He didn't close the door totally as he said membership is also by invitation. You can still read and search threads. As a 'real user' you can probably contact him and ask to get invited in -just tell him you missed the cut off. The money, and or extra steps will trip up a lot of automated bots and we can always hope that the money for the stealth spammers from geovid and others won't want to pay -and then be blocked and lose money when they are banned.
Of course my vote would be for a spam filter that killed all these guys or moderators with tools to block users and so on but until then ...
Of course my vote would be for a spam filter that killed all these guys or moderators with tools to block users and so on but until then ...
Posted: Tue Aug 29, 2006 6:41 am
cribble wrote:and bad jokes suck
If only they were good jokes..
When they start spamming canned laughter, it's time to give up
Posted: Tue Aug 29, 2006 1:57 pm
What is actually needed is a modification to he code so the moderators/administrators can see the IP number of the new member:
The spam is automated and once an IP or IP block can be identified as a spam source (usually IRC servers), then you can stop them.
At present, we can't do that.
The next best thing is to have the user authentication turned on in the Admin sign-up are - that means they have to provide a valid email address before they can post. I have that turned on in my forum and over the past 3 weeks since this spam flood started, I have had no new messages get through.
It will be interesting to see what happens to the forum once the new program is released. Maybe that is the time to upgrade to the latest version, add the best fixes, and hopefully see less spam getting through.
BTW, you shouldn't see spam hanging around for more than a few hours. If you do, PM one of the moderators so we can deal with it.
Rhoel
The spam is automated and once an IP or IP block can be identified as a spam source (usually IRC servers), then you can stop them.
At present, we can't do that.
The next best thing is to have the user authentication turned on in the Admin sign-up are - that means they have to provide a valid email address before they can post. I have that turned on in my forum and over the past 3 weeks since this spam flood started, I have had no new messages get through.
It will be interesting to see what happens to the forum once the new program is released. Maybe that is the time to upgrade to the latest version, add the best fixes, and hopefully see less spam getting through.
BTW, you shouldn't see spam hanging around for more than a few hours. If you do, PM one of the moderators so we can deal with it.
Rhoel
Posted: Tue Aug 29, 2006 5:29 pm
Well, I'm sure the forum software has IP detection built into it.
The problem is determining the method used to create the accounts and spam postings...
If it's a zombie bot network doing the spamming, it may be next to impossible to filter it out by IP address without affecting legitimate users connected to the internet using the same ISP. Only some form of filtering by post content would be able to counter a situation like this, which, unfortunately, would place a tremendous load on the Lost Marble server causing a severe performance loss in the forum software.
If the situation is instead a series of spammers using a specific set of servers or a random series of proxy servers, it may be possible to defend against it using a .htaccess file, designed to deny site access to any known proxy servers in the list. This approach was particularly effective against known troublemakers back when I hosted the Think Secret forums. By creating a comprehensive list of all known proxy servers at the time (several thousand of them), I was able to deny access to all known proxy servers simultaneous, preventing anonymous attacks on the forum. After the user in question failed to get into the forum after trying 5 or 6 random proxy servers, they're only options were to either give up or use easily traceable IP addresses that could be easily disabled as they were used, eventually completely sealing off the forum to these intruders.
The only problem in creating such an elaborate setup, is that it requires a lot of effort to build the proxy server list (which can change ever few months), followed by diligent observation of forum activity for several days to follow. A user hell-bent on infiltration will use every trick in the book to outsmart you when your not looking. The only way to break the pattern is to convince the user in question that you are *always* watching.
The problem is determining the method used to create the accounts and spam postings...
If it's a zombie bot network doing the spamming, it may be next to impossible to filter it out by IP address without affecting legitimate users connected to the internet using the same ISP. Only some form of filtering by post content would be able to counter a situation like this, which, unfortunately, would place a tremendous load on the Lost Marble server causing a severe performance loss in the forum software.
If the situation is instead a series of spammers using a specific set of servers or a random series of proxy servers, it may be possible to defend against it using a .htaccess file, designed to deny site access to any known proxy servers in the list. This approach was particularly effective against known troublemakers back when I hosted the Think Secret forums. By creating a comprehensive list of all known proxy servers at the time (several thousand of them), I was able to deny access to all known proxy servers simultaneous, preventing anonymous attacks on the forum. After the user in question failed to get into the forum after trying 5 or 6 random proxy servers, they're only options were to either give up or use easily traceable IP addresses that could be easily disabled as they were used, eventually completely sealing off the forum to these intruders.
The only problem in creating such an elaborate setup, is that it requires a lot of effort to build the proxy server list (which can change ever few months), followed by diligent observation of forum activity for several days to follow. A user hell-bent on infiltration will use every trick in the book to outsmart you when your not looking. The only way to break the pattern is to convince the user in question that you are *always* watching.
Posted: Wed Aug 30, 2006 6:57 am
I have an idea, something like the poll feature. If a topic gets enough spam votes from different users, it would be possible to mark it as a spam. Maybe an old, trusted user's message requires much more votes than a new one's first message who registered two minutes ago.
I think the spammers are smart enough to hide the real meaning of the message from the software filters.
I think the spammers are smart enough to hide the real meaning of the message from the software filters.
Posted: Wed Aug 30, 2006 7:09 am
The forum should require a captcha to post:
http://en.wikipedia.org/wiki/Captcha
http://en.wikipedia.org/wiki/Captcha