Problems with spammers!

[AfghanScorpion]

If you're using the "ban" method to combat these spammers, here's some of their IP addresses to ban:

213.136.96-114.*
213.136.125.*
213.156.201.*

Someone at 213.156.201.74 has been testing the mod I put in yesterday - it works!

[stu15]

I was just going through my memberlist and noticed I have several new members that only appear to be referring to different drug companies.

Their user names are all different drug companies, one of them is Propecia. They all take you to websites with the same extensions

ex- http://www.alprazolam.boom.ru/.

I have also had the same problem with my forum , all I have been doing is deleting they accounts, I was thinking of banning .ru e-mail address, but then some one used a yahoo account so there goes that idea….

Does any one have these users on there forum?

Brian911 - webmaster@paidwebhosting.com - URL: http://www.paidwebhosting.com/
Robert93 - smark7@bk.ru

???

[geocator]

I just recently saw Brian911 posting here I think

[thecharmed01]

Did anyone come up with a way to implement the mod that makes the registration need to be done manually...the security code thing??

I am in the same boat as one of the above posters......I have too many mods to be able to just copy the fies across....
Id like to do it manually though.

[da95649]

How can I delete a user that I have created?

[Real Green Team]

I deleted the offending accounts and installed a few mods I found in the mods db like, "deter spam websites". Things have been quiet all week since I did this.

[da95649]

sorry Im a bit confused, can you tell me how to actually delete the account with the admin panel?

Thanks
Da95649

[Real Green Team]

1. Under User admin.
2. Go to Management.
3. Type in the username you would like to delete.
4. At the bottom of the user profile page is a check box for deletetion. Check and submit.
5. Bam you're good to go.

[trinityc]

Is there a way to only allow members who are approved by the Admin?

If so, how do you set it up?

This way, only approved people get on the list. I use this for a member organization who compares new registrations with a membership list and only approves members.

[medjugorjesi]

Hi i have same problems

Russain spammers thay test new spamm.

I baned ip: 213.156.201.* it work!

Not working exchange ban of ip whit url .

I have a sugiestion : In ban control to add ban url

How can I do -code?

God bless you all
Herman

[topace]

I had the same problem, and did some digging. It appears that they are using an automated tool to do this, and it always registers with some consistent (identical) information. The password is always

qo9iuTY8

which md5()'s to

b8ca9cc24a10e85812812ae21c511a6d

so what I did, is, opened the file:
includes/usercp_register.php
and on line 502ish, i added this code:

if($new_password=="b8ca9cc24a10e85812812ae21c511a6d")
{
$msgbody="date: ".date("r")."\n";
$msgbody.="ip: ".$_SERVER['REMOTE_ADDR']."\n";
$msgbody.="post: \n";

foreach($_POST AS $key=>$val)
$msgbody.="$key = $val \n";

mail("my@email.address","Russian spammer forum registration",$msgbody);
echo "GO THE FUCK AWAY";
exit;

}

I've been receiving about 2-5 emails a day since i did this, but not a single new registration from these guys has gone through.. this catches them all.

Hope this helps someone
James

[Ashtom]

Thanks James for the tip !

You can also check wether the language registered for the forum is "Russian". If actually you're not providing this language on your board then the guy is using a script to register himself.

And by the way the name of this russian spammer seems to be Kumar Leo (as listed in whois records). I also found Suren Ter-Saakov in the whois records.

[Drunky]

Thanks James for the tip !

You can also check wether the language registered for the forum is "Russian". If actually you're not providing this language on your board then the guy is using a script to register himself.

And by the way the name of this russian spammer seems to be Kumar Leo (as listed in whois records). I also found Suren Ter-Saakov in the whois records.

How did you get that information? whois isn't supposed to display that kind of imformation.

[thecharmed01]

Thanks James for the tip !

You can also check wether the language registered for the forum is "Russian". If actually you're not providing this language on your board then the guy is using a script to register himself.

And by the way the name of this russian spammer seems to be Kumar Leo (as listed in whois records). I also found Suren Ter-Saakov in the whois records.

How did you get that information? whois isn't supposed to display that kind of imformation.

If thats the domain registration whois, then they will reveal all information on the domain owner as it is public record.
Generally to access it though you need to have an account with a domain registration company....

[Synon]

Im having the same problem with registration spamming.
Every place I look to activate the visual confirmation says "open the visual_confirmation.zip file" yet THERE IS NONE!!!. It's not in the contrib or any other folder. Go ahead and download 2.0.11 and see for yourself, did they forget it or are these instructions extremely outdated???