Page 18 of 41

Re: Preventing Spam in phpBB 3.0.6 and Above [*Read First Po

Posted: Wed Sep 15, 2010 6:28 am
by ric323
dartiss wrote:Most of the advise in this thread appears to concentrate on the automated spam. However, my board is being plagued by spam created by apparently legitimate sign ups. They are not automated bots, so captcha's don't help, but real people signing up and then posting spam posts en masse.
...
You may be correct, but how do you know they are "real people" ?

Re: Preventing Spam in phpBB 3.0.6 and Above [*Read First Po

Posted: Wed Sep 15, 2010 7:05 am
by dartiss
ric323 wrote:You may be correct, but how do you know they are "real people" ?
They're confirming, by email, their registration, setting us signatures, etc.

David,

Re: Preventing Spam in phpBB 3.0.6 and Above [*Read First Po

Posted: Wed Sep 15, 2010 8:51 am
by ric323
dartiss wrote:
ric323 wrote:You may be correct, but how do you know they are "real people" ?
They're confirming, by email, their registration, setting us signatures, etc.

David,
SPAMbots can do all those things automatically. That is why this topic exists.

Re: Preventing Spam in phpBB 3.0.6 and Above [*Read First Po

Posted: Fri Sep 17, 2010 1:55 am
by Pony99CA
dartiss wrote:Most of the advise in this thread appears to concentrate on the automated spam. However, my board is being plagued by spam created by apparently legitimate sign ups. They are not automated bots, so captcha's don't help, but real people signing up and then posting spam posts en masse.

I've looked into setting up new users so that their initial posts have to be authorised, but the administrator of the board says, because emails for these aren't generated, it's taking up too much of his time to keep his eye on the board for any being posted (he only pops on every day or say - the board isn't *that* busy).
There's no real good way to stop human spammers. Blocking initial posts can help, but a dedicated spammer will post one innocuous post, get it approved, and then spam you like crazy.

You can try banning IP addresses, but if those are shared, you might be banning other people. That said, I've banned IP ranges from my entire Web site; they're in China and have submitted false URLs against my site, so I've blocked them because I really don't care if Chinese users can see my site. Blocking IP ranges in known spam countries (China, Russia, India, Pakistan, etc.) might help if you don't cater to users in those countries.

I've also blocked all *.cn, *.ua and *.ru E-mail addresses and have an extensive list of disallowed names (anything with "viagra", for example).

Steve

Re: Preventing Spam in phpBB 3.0.6 and Above [*Read First Po

Posted: Fri Sep 17, 2010 1:23 pm
by Martin Truckenbrodt
Hello,
there is one good way to block human spammers: blocking with DNS (or with HTTP) blacklists. :roll: Just try it!

Bye Martin

Re: Preventing Spam in phpBB 3.0.6 and Above [*Read First Po

Posted: Sat Sep 18, 2010 2:16 am
by Kerrith
Can I, as admin, insert URLs in posts but not allow others to insert URLs in their posts or replies?

Thanks,

Kerry
3.0.7-PL1

Re: Preventing Spam in phpBB 3.0.6 and Above [*Read First Po

Posted: Sat Sep 18, 2010 2:31 am
by Kerrith
I've got a persistent spammer who registers with a different user name each time (such as xmhbfr123) and a different prefix for their email address but the same address each time (for example klmno124@chongsoft.com or hijk@chongsoft.com ) They use @chongsoft.com each time so I can't ban by email address.

Other than this pain-in-the-butt I have very few spammers.

Any suggestion other than setting it to Admin approval for each registration?

Thanks
Kerry
phpBB3.0.7-PL1

Re: Preventing Spam in phpBB 3.0.6 and Above [*Read First Po

Posted: Sat Sep 18, 2010 2:43 am
by tbackoff
Kerrith wrote:different prefix for their email address but the same address each time (for example klmno124@chongsoft.com or hijk@chongsoft.com ) They use @chongsoft.com each time so I can't ban by email address.
You can ban by domain. I would imagine *@chongsoft.com would suffice.
Kerrith wrote:Any suggestion other than setting it to Admin approval for each registration?
If you are not very fond of banning emails, have you tried implementing the Newly Registered Users group and requiring the first x number of posts to be approved?

Re: Preventing Spam in phpBB 3.0.6 and Above [*Read First Po

Posted: Sat Sep 18, 2010 2:48 am
by Kerrith
Hi t_backoff

Will try "banning by domain" and "Newly Registered Users group and requiring the first x number of posts to be approved?"

Thanks,

Kerry

Re: Preventing Spam in phpBB 3.0.6 and Above [*Read First Po

Posted: Sat Sep 18, 2010 8:10 am
by noth
Kerrith wrote: (for example klmno124@chongsoft.com or hijk@chongsoft.com ) They use @chongsoft.com each time so I can't ban by email address.

Other than this pain-in-the-butt I have very few spammers.

Any suggestion other than setting it to Admin approval for each registration?

Thanks
Kerry
phpBB3.0.7-PL1
I have set one of my boards to admin approval simply because my members were going nuts about one member turned bad
when banned he opened multiple accounts and found his way around IP

I thought this would cause me huge problems but when you sign up to a board with registration checked by admin approval the user is not ambushed!

they see this
Please note that you will need to enter a valid e-mail address before your account is activated. The administrator will review your account and if approved you will receive an e-mail at the address you specified.
so they KNOW that the acount will be reviewed by an Adminstrator

it's not an ambush where they get told AFTER registering

they get told BEFORE (so many spammers/ idiots decide not to even bother registering there and then!)

the problem with "Admin approval for each registration" is that you begin to wonder if you are "losing members"

what is actually happening is that you are losing a huge amount of spammers and other people who are not that bothered but it's a test of nerves for the Admin

as for chongsoft, jees they should be hunted down by some special spam investigation unit, I think every phpBB forum has seen *@chong* signing up

Re: Preventing Spam in phpBB 3.0.6 and Above [*Read First Po

Posted: Sat Sep 18, 2010 8:23 am
by Martin Truckenbrodt
Hello,
you can use Double Activation (User+Admin). Then the new users first have to confirm their email addresses. And then Admin have to do a approval. So all users (spammers) with not valid email addresses and all users (spammers) whom are not confirming their email addresses automatically will not been activated automatically.

But if you want to work with IP addresses to get the spammers then you should use DNS blacklists to block them. Why to fill and maintain your own local BAN_TABLE if you could use third party databases maintained by policies automatically insteat?
Then Double Activation is not needed really. Then Double Activation is just a nice-to-have.

Bye Martin

Re: Preventing Spam in phpBB 3.0.6 and Above [*Read First Po

Posted: Sat Sep 18, 2010 8:38 am
by noth
so if you just set it to ADMIN ...... the user's email address is not validated? :o

Re: Preventing Spam in phpBB 3.0.6 and Above [*Read First Po

Posted: Sat Sep 18, 2010 8:47 am
by Martin Truckenbrodt
Hello,
yes. You've got it!

Bye Martin

Spam

Posted: Sun Sep 19, 2010 6:09 am
by oriolesprospects
The spam post stickied to the top is excellent. One additional question.

I have a custom profile field asking for the # of a player & the recaptcha. Do I need both or should the recaptcha work fine on it's own?

Re: Spam

Posted: Sun Sep 19, 2010 6:42 am
by Mick
oriolesprospects wrote:I have a custom profile field asking for the # of a player & the recaptcha. Do I need both or should the recaptcha work fine on it's own?
It's whatever works for you and your situation, try it and see what happens ;)