Anti-Spam Thread!

The 2.0.x discussion forum has been locked; this will remain read-only. The 3.0.x discussion forum has been renamed phpBB Discussion.
Locked
TPFKAS
Registered User
Posts: 87
Joined: Thu Nov 18, 2004 10:59 pm

Spam domain database

Post by TPFKAS »

After going through the same as everybody else in this thread (captcha, installing the ACP mod and allowing zero personal info during registration, deleting users, banning domains etc.), I have a new idea.

I notice that many spammers come from the same domain. Building up my own ban database is taking ages. Couldn'w we generate a blacklist and put it up here somewhere so that it is easy to download and import in the database?

Yet, sometimes I have checked some of the spammers from unknown domains and then I see that the domains usually have only been created a few days before. Are they creating new domains just to use unsuspect email adresses for spam?

SpacePower
Registered User
Posts: 66
Joined: Wed Mar 16, 2005 9:04 pm
Location: Berlin, EU
Contact:

wrong captcha

Post by SpacePower »

I tried to post and first to register at Lithium Studios but my email was denied ("The entered email domain has no valid MX record") so I will post it here. I refer to the topic Incorrect Captcha Code...or not??.

I use this wonderful mod for two forums I admin and it saves me a lot of time because it filters out so many bots. Before I upload files to the server I test them at my local environment using apache webserver and everything looks fine also with the captcha image. After I uploaded the files it is still showing the old captcha image and from phpinfo I know that on both (local and server) GD - GD Support and FreeType Support are enabled. The only difference: local I use PHP Version 5.1.2 and on the server is PHP Version 4.4.4 installed but the other forum I also admin and where the captcha image looks fine also uses PHP Version 4.4.4. So there must be another thing with this. If you like I can send you the phpinfo files to compare.
Power to the Peaceful
My forum(s):
http://www.stayhuman.org/phpBB2
http://www.spearhead-home.com/phpBB2
My website:
Image

dpicella
Registered User
Posts: 33
Joined: Thu Nov 16, 2006 6:20 am

Is Better Captcha Really Better?

Post by dpicella »

I've been using better captcha (in conjunction with the anti-spam ACP, ConfusaBOT, and SpamWords).

Recently, I went to admin approval of all new accounts simply because I was still getting at least one new bogus user and a spam posting every day.

Still they register. I don't know why... they don't get a web listing in profile and the don't get a signature or anything else either. I delete them right away without activation (I know a spam account when I see one). Today, I deleted 3 already.

Question: I find it hard to believe that better captcha has already been broken by the spammers. Is there a way I can tell? Is there a way to tell if the registrations are bots that get through better captcha versus human entries? Any suggestions?

User avatar
EXreaction
Former Team Member
Posts: 5666
Joined: Sun Aug 21, 2005 9:31 pm
Location: Wisconsin, U.S.
Name: Nathan

Re: Spam domain database

Post by EXreaction »

TPFKAS wrote: After going through the same as everybody else in this thread (captcha, installing the ACP mod and allowing zero personal info during registration, deleting users, banning domains etc.), I have a new idea.

I notice that many spammers come from the same domain. Building up my own ban database is taking ages. Couldn'w we generate a blacklist and put it up here somewhere so that it is easy to download and import in the database?

Yet, sometimes I have checked some of the spammers from unknown domains and then I see that the domains usually have only been created a few days before. Are they creating new domains just to use unsuspect email adresses for spam?


You can ban entire domains...

Like these should work:
*@spam.info
*@*.ru


SpacePower wrote: I tried to post and first to register at Lithium Studios but my email was denied ("The entered email domain has no valid MX record") so I will post it here. I refer to the topic Incorrect Captcha Code...or not??.

I use this wonderful mod for two forums I admin and it saves me a lot of time because it filters out so many bots. Before I upload files to the server I test them at my local environment using apache webserver and everything looks fine also with the captcha image. After I uploaded the files it is still showing the old captcha image and from phpinfo I know that on both (local and server) GD - GD Support and FreeType Support are enabled. The only difference: local I use PHP Version 5.1.2 and on the server is PHP Version 4.4.4 installed but the other forum I also admin and where the captcha image looks fine also uses PHP Version 4.4.4. So there must be another thing with this. If you like I can send you the phpinfo files to compare.


Hmm, that is strange. Did you enter in a vaild email address when you registered? Try it once again, and if it does not work I can turn that off so it does not check.

Sure, send me the php info from your local host and server and I will check it out(send them via PM).


dpicella wrote: I've been using better captcha (in conjunction with the anti-spam ACP, ConfusaBOT, and SpamWords).

Recently, I went to admin approval of all new accounts simply because I was still getting at least one new bogus user and a spam posting every day.

Still they register. I don't know why... they don't get a web listing in profile and the don't get a signature or anything else either. I delete them right away without activation (I know a spam account when I see one). Today, I deleted 3 already.

Question: I find it hard to believe that better captcha has already been broken by the spammers. Is there a way I can tell? Is there a way to tell if the registrations are bots that get through better captcha versus human entries? Any suggestions?


Try updating Anti-Spam ACP to the latest version, that should help a lot. :)

dpicella
Registered User
Posts: 33
Joined: Thu Nov 16, 2006 6:20 am

RE: Upgrading to the latest antispam ACP

Post by dpicella »

How time consuming do you think it would be if I don't use subsliver or the automatic mod intallation tool (whatever the heck the name of that mod is I forgot)?

By the way ... you have banned *@*.ru too ... that will cut down on alot as well ... trust me on that one! You don't want anything from .ru !

TPFKAS
Registered User
Posts: 87
Joined: Thu Nov 18, 2004 10:59 pm

Post by TPFKAS »

You can ban entire domains...

Like these should work:
*@spam.info
*@*.ru


Yeah, that is what I do, but I keep adding domains and wouldn't it be great if we maintain a joint database of domain names?

alvo
Registered User
Posts: 712
Joined: Thu Jun 22, 2006 3:57 am

Post by alvo »

Trying to ban by domain means you'll never stop bot spam (unless you ban every domain in existence) as there will always be some new place for it to come from, especially once the spammers know a lot of people are blocking certain domains. Rather than letting them submit the registration information and then try to determine which is spam and which is legitimate, shy not simply stop the bots from being able to submit in the first place? Then it doesn't matter what their domain is or their IP address or their email. This is what the built in visual confirmation is supposed to do but doesn't anymore). Replacing it with something that does work, such as the myVIP Code mod or the Anti Bot Question mod will eliminate having to constantly manually look at who's registering and manually deleting the ones that got through.

User avatar
EXreaction
Former Team Member
Posts: 5666
Joined: Sun Aug 21, 2005 9:31 pm
Location: Wisconsin, U.S.
Name: Nathan

Re: RE: Upgrading to the latest antispam ACP

Post by EXreaction »

dpicella wrote: How time consuming do you think it would be if I don't use subsliver or the automatic mod intallation tool (whatever the heck the name of that mod is I forgot)?

By the way ... you have banned *@*.ru too ... that will cut down on alot as well ... trust me on that one! You don't want anything from .ru !


From what version?

TPFKAS wrote:
You can ban entire domains...

Like these should work:
*@spam.info
*@*.ru


Yeah, that is what I do, but I keep adding domains and wouldn't it be great if we maintain a joint database of domain names?


There is a work in progress for something like that. I do not remember the name of it anymore.

dpicella
Registered User
Posts: 33
Joined: Thu Nov 16, 2006 6:20 am

Upgrading Anti-Spam ACP

Post by dpicella »

From 1.1.02

If worse came to worse, I can put all the original code back and then install.

User avatar
EXreaction
Former Team Member
Posts: 5666
Joined: Sun Aug 21, 2005 9:31 pm
Location: Wisconsin, U.S.
Name: Nathan

Re: Upgrading Anti-Spam ACP

Post by EXreaction »

dpicella wrote: From 1.1.02

If worse came to worse, I can put all the original code back and then install.


About 30 minutes to upgrade(it takes about the same amount of time that it would to install a clean install).

Sean O'Connor
Registered User
Posts: 16
Joined: Tue Aug 30, 2005 3:55 pm

Post by Sean O'Connor »

Maybe if we all spam these message boards with Viagra ads ourselves the phpBB development people will take a hint and add some better spam blocking/deleting features to version 2.


;)

NeoThermic
Security Consultant
Posts: 2141
Joined: Thu Dec 25, 2003 1:33 am
Location: United Kingdom
Contact:

Post by NeoThermic »

Sean O'Connor wrote: Maybe if we all spam these message boards with Viagra ads ourselves the phpBB development people will take a hint and add some better spam blocking/deleting features to version 2.


;)


Well, the only thing that would get you is banned ;)

phpBB 2.0 is feature frozen. Better anti-spam solutions exist in phpBB 3, which is in beta still. For phpBB 2.0, one will have to resort to adding modifications, but this is the way of feature frozen items.

(As a side note, I highly recommend bbProtection for your anti-spam needs)

NeoThermic
NeoThermic.com... a well of information. Ask me for the bit bucket so you can drink its goodness. ||新熱です

JulieJesta
Registered User
Posts: 116
Joined: Mon Oct 16, 2006 8:39 am
Location: England
Contact:

Post by JulieJesta »

TPFKAS wrote:
You can ban entire domains...

Like these should work:
*@spam.info
*@*.ru


Yeah, that is what I do, but I keep adding domains and wouldn't it be great if we maintain a joint database of domain names?


i recommend looking at http://www.bbprotection.net as that is what you are describbing. :) hope its ok to post this link?
Julie, Mum to 1 boy, 1 boyfriend, and many fluffy pets. :)
http://www.parentstime.co.uk

dpicella
Registered User
Posts: 33
Joined: Thu Nov 16, 2006 6:20 am

bbprotection

Post by dpicella »

bbprotection

I've tried blacklisting... I had a blacklist of almost 6,000 IP that were captured by a site that does nothing but register IPs of bad bots.

Not sure this is the way to go...

The blacklists will ultimately grow to an overwhealmingly enormous volume and wind up containing email addressess that are abandoned after one use as well as legitmate IPs that you probably don't want to block especially if the person(s) (or organization of individuals) behind the IP have been unnkowiningly abused by the spammer.

SpacePower
Registered User
Posts: 66
Joined: Wed Mar 16, 2005 9:04 pm
Location: Berlin, EU
Contact:

Re: Spam domain database

Post by SpacePower »

EXreaction wrote: ...Did you enter in a vaild email address when you registered?

Sure, send me the php info from your local host and server and I will check it out(send them via PM).


I used this one from the signature. Any other I tried to use were also denied. Has it something to do with the "-" in the hostname?

Ok I will send you the info-files within the next days.
Power to the Peaceful
My forum(s):
http://www.stayhuman.org/phpBB2
http://www.spearhead-home.com/phpBB2
My website:
Image

Locked

Return to “2.0.x Discussion”