[Discuss] Preventing Spam in phpBB3

Get help with installation and running phpBB 3.0.x here. Please do not post bug reports, feature requests, or MOD-related questions here.
Ideas Centre
Forum rules
END OF SUPPORT: 1 January 2017 (announcement)
Locked
User avatar
InfoSecSual69
Registered User
Posts: 31
Joined: Sun May 29, 2011 12:11 pm
Location: Novosibirsk, Russia
Name: Gennady FUBARed
Contact:

Re: [Discuss] Preventing Spam in phpBB3

Post by InfoSecSual69 »

Martin Truckenbrodt wrote:human spammer
I believe the term "human spammer" is highly improper and harmful term which should be avoided as it misleads to believe that:
  • there are pure machine/automatic spammers or purely machine/automatic spam
    spamming can be solved by purely technical approaches
    while there are
  • jurisprudence,
  • social,
  • economic,
  • ethical,
  • moral
    evolving/changing in time problems).

    Spamming is not technical problem and cannot be solved technically
  • Spamming can be solved by some miracle "silver bullet", once and for ever.
    It can't since techniques, technologies, laws, practices are evolving/changing in timede-jure and de-facto)
Martin Truckenbrodt wrote:In some details I'm not absolutely sure. But for it doesn't matter what's really acting. I see and I know what I want to fight. That's enough for me
I am sure that you don't know what you are fighting with

it is impossible to determine professional spam and professional spammer either pro grammatically or manually, if it is by real professionals and professional bots. Most of what you fight and call spam falls under:
  • vandalism,
  • fighting/compromising competitors, not only economic but ideological and political ones
  • hooliganism,
  • sabotage,
  • subvertsion,
  • provocation
  • SEO-promoting or product marketing by amateurs, beginners, non-professionals, that (temporarily) misunderstanding SEO principles or netiquette
which has nothing to do with spammers or spam.
It is originated from more broad (if not the whole) human audience of internet and impossible/senseless to fight without refining your definitions, objectives or you will end-up blocking and blacklisting the whole internet

Plz read For Bloggers Who Hate Comment Spam
User avatar
jsebean
Registered User
Posts: 378
Joined: Sat Dec 12, 2009 3:20 pm
Location: Atlantic Canada
Name: Jonah
Contact:

Re: [Discuss] Preventing Spam in phpBB3

Post by jsebean »

I disagree the term "human spammer" is improper, I still intend to continue to use it. In the world of preventing spam and with captchas, there are two types:
- Human spammers - people, in a browser, browsing the web and registering manually on a site to post spam.
- Spambots - While programmed by a human and triggered by "a human", they bot itself is not human.

We all know the difference.
-Jonah
:lol:
Tony Stark
Registered User
Posts: 516
Joined: Thu Apr 08, 2010 8:22 pm

Re: [Discuss] Preventing Spam in phpBB3

Post by Tony Stark »

Considering spam bots were joining my site at the rate of about 100 a day and today 0 joined, I think I've eliminated them. But I had to take extraordinary measures to do it. I changed the registration question to what's the code? The answer is a random combination of upper- and lower-case letters and digits. This now means that no one can join my site unless I or another member gives them the exact code. I wanted people to be able to join without any hassle. Now that's ruined. Fuck you, spam bots.
User avatar
jsebean
Registered User
Posts: 378
Joined: Sat Dec 12, 2009 3:20 pm
Location: Atlantic Canada
Name: Jonah
Contact:

Re: [Discuss] Preventing Spam in phpBB3

Post by jsebean »

Tony Stark wrote:Considering spam bots were joining my site at the rate of about 100 a day and today 0 joined, I think I've eliminated them. But I had to take extraordinary measures to do it. I changed the registration question to what's the code? The answer is a random combination of upper- and lower-case letters and digits. This now means that no one can join my site unless I or another member gives them the exact code. I wanted people to be able to join without any hassle. Now that's ruined. *beep* you, spam bots.
That's not necessary, Q&A can be effective without going that extreme. Alternativly, have you checked out this captcha mod, you need to use your own images. There are lots of other captcha plugins for phpBB available to use but thats the most effective for me.
-Jonah
:lol:
Tony Stark
Registered User
Posts: 516
Joined: Thu Apr 08, 2010 8:22 pm

Re: [Discuss] Preventing Spam in phpBB3

Post by Tony Stark »

jsbean wrote:
Tony Stark wrote:Considering spam bots were joining my site at the rate of about 100 a day and today 0 joined, I think I've eliminated them. But I had to take extraordinary measures to do it. I changed the registration question to what's the code? The answer is a random combination of upper- and lower-case letters and digits. This now means that no one can join my site unless I or another member gives them the exact code. I wanted people to be able to join without any hassle. Now that's ruined. *beep* you, spam bots.
That's not necessary, Q&A can be effective without going that extreme. Alternativly, have you checked out this captcha mod, you need to use your own images. There are lots of other captcha plugins for phpBB available to use but thats the most effective for me.
Hi. I downloaded that mod, but I can't find the instructions for it.
User avatar
jsebean
Registered User
Posts: 378
Joined: Sat Dec 12, 2009 3:20 pm
Location: Atlantic Canada
Name: Jonah
Contact:

Re: [Discuss] Preventing Spam in phpBB3

Post by jsebean »

Tony Stark wrote:
jsbean wrote:
Tony Stark wrote:Considering spam bots were joining my site at the rate of about 100 a day and today 0 joined, I think I've eliminated them. But I had to take extraordinary measures to do it. I changed the registration question to what's the code? The answer is a random combination of upper- and lower-case letters and digits. This now means that no one can join my site unless I or another member gives them the exact code. I wanted people to be able to join without any hassle. Now that's ruined. *beep* you, spam bots.
That's not necessary, Q&A can be effective without going that extreme. Alternativly, have you checked out this captcha mod, you need to use your own images. There are lots of other captcha plugins for phpBB available to use but thats the most effective for me.
Hi. I downloaded that mod, but I can't find the instructions for it.
Hey Tony,
Check the Contrib Folder and the file "Add More Categories". It explains on setting the mod up with your own images.
-Jonah
:lol:
Tony Stark
Registered User
Posts: 516
Joined: Thu Apr 08, 2010 8:22 pm

Re: [Discuss] Preventing Spam in phpBB3

Post by Tony Stark »

jsbean wrote:
Tony Stark wrote:
jsbean wrote:
Tony Stark wrote:Considering spam bots were joining my site at the rate of about 100 a day and today 0 joined, I think I've eliminated them. But I had to take extraordinary measures to do it. I changed the registration question to what's the code? The answer is a random combination of upper- and lower-case letters and digits. This now means that no one can join my site unless I or another member gives them the exact code. I wanted people to be able to join without any hassle. Now that's ruined. *beep* you, spam bots.
That's not necessary, Q&A can be effective without going that extreme. Alternativly, have you checked out this captcha mod, you need to use your own images. There are lots of other captcha plugins for phpBB available to use but thats the most effective for me.
Hi. I downloaded that mod, but I can't find the instructions for it.
Hey Tony,
Check the Contrib Folder and the file "Add More Categories". It explains on setting the mod up with your own images.
Thanks.
User avatar
InfoSecSual69
Registered User
Posts: 31
Joined: Sun May 29, 2011 12:11 pm
Location: Novosibirsk, Russia
Name: Gennady FUBARed
Contact:

Re: [Discuss] Preventing Spam in phpBB3

Post by InfoSecSual69 »

jsbean wrote:We all know the difference.
I don't. And you don't
Neither I not you will determine really professional spam and/or the professional use of professional spam bots
jsbean wrote:I disagree the term "human spammer" is improper, I still intend to continue to use it. In the world of preventing spam and with captchas, there are two types:
- Human spammers - people, in a browser, browsing the web and registering manually on a site to post spam.
- Spambots - While programmed by a human and triggered by "a human", they bot itself is not human
The script through which I edit and submit this post is spambot, by this your definition

So, you named me a spammer using spambot by this post

What is your definition of spam and legit user, then?

And the exapmle to what are consequences of unclear definitions:
Tony Stark wrote:Considering spam bots were joining my site at the rate of about 100 a day and today 0 joined, I think I've eliminated them. But I had to take extraordinary measures to do it. I changed the registration question to what's the code? The answer is a random combination of upper- and lower-case letters and digits. This now means that no one can join my site unless I or another member gives them the exact code. I wanted people to be able to join without any hassle. Now that's ruined. *beep* you, spam bots
More complex questions excludes legit human users but only delays motivated/interested spammers and spambots.
Now if you give the exact code to "human spammer", he would put into database of spambot to continue its use. Or spambot operator can put answers into spambot database manually to continue registering automatically or he can register manually to continue posting automatically

It is not the complexity of questions that stops bots but their ongoing changing.
They don't need to be complex but just not use before (or absent in spambot database).

And there is no "silver bullet" to stop spam once and forever, it is ongoing maintenance job
Last edited by InfoSecSual69 on Tue Jan 24, 2012 2:26 am, edited 1 time in total.
jatintalwar
Registered User
Posts: 135
Joined: Sun Jul 05, 2009 10:21 am
Location: India , New Delhi

Re: [Discuss] Preventing Spam in phpBB3

Post by jatintalwar »

Guys
We have a sudden increase in spammers on the forum www.camshotsindia.com since 1 month or so ,just before updating it from 3.0.9 to3.0.10
I have tried switching the Q &A captcha , 3D captcha and GD Captcha , but nothing is helping .
Though the activation by admin is turned on , but still lots of spams activation requests are coming in ...
Plz suggest measures
Thanks a lot
Regards,
Dr.Jatin Talwar & Deepak Khurana
Camshotsindia Forum
User avatar
Noxwizard
Support Team Leader
Support Team Leader
Posts: 10406
Joined: Mon Jun 27, 2005 8:41 pm
Location: Texas, USA
Name: Patrick Webster
Contact:

Re: [Discuss] Preventing Spam in phpBB3

Post by Noxwizard »

If you want to discuss the differences between automated, assisted, and human spammers, that's fine, but this topic is not the place for it. This topic is about preventing it, not arguing over what to call it. If you want to continue that line of discussion, take it up in PMs.
[Support Template] - [Read Before Posting] - [phpBB Knowledge Base]
Do not contact me for private support, please share the question in our forums.
User avatar
InfoSecSual69
Registered User
Posts: 31
Joined: Sun May 29, 2011 12:11 pm
Location: Novosibirsk, Russia
Name: Gennady FUBARed
Contact:

Re: [Discuss] Preventing Spam in phpBB3

Post by InfoSecSual69 »

Noxwizard wrote:If you want to discuss the differences between automated, assisted, and human spammers, that's fine, but this topic is not the place for it. This topic is about preventing it, not arguing over what to call it. If you want to continue that line of discussion, take it up in PMs.
That's exactly what I have done.

Explained that the problem in preventing the spam arise from understanding these differences and proposed to stop spambots by (a more frequent/regular) changing simple questions (not yet in spam bot database) rather than trying in vain to create (rarely or once and forever) complicated question(s) (that do not stop but only delay bots but exclude legit users)
jatintalwar wrote:Guys
We have a sudden increase in spammers on the forum http://www.camshotsindia.com since 1 month or so ,just before updating it from 3.0.9 to3.0.10
I have tried switching the Q &A captcha , 3D captcha and GD Captcha , but nothing is helping .
Though the activation by admin is turned on , but still lots of spams activation requests are coming in ...
Plz suggest measures
Thanks a lot
I believe that the solution lie in in the ongoing monitoring and maintenance of a chosen antispam measure rather than fruitless hunting for a magic "silver bullet" (a solution once and for ever that IMO does not and cannot exist, read my previous posts in this thread)

Update:
And if you see 1-20 ugly senseless !@#%$^ names, emails, bad English or senseless inhuman posts, it is more than probable that it is not because bots broke (and it is not spam which is not so easily to detect) through but because spammers might do it manually in order to confuse anti-spam filters and/or provoke web masters to start frenetically re-installing, replacing, re-configuring, adding stack of new mods, etc. disrupting their sits anв protections...
giorgiogio48
Registered User
Posts: 49
Joined: Sat May 07, 2005 4:41 pm

Re: [Discuss] Preventing Spam in phpBB3

Post by giorgiogio48 »

Spambots stopped! No capcha neither recaptcha or other countermeasures. Here is the man who stopped spambots: Eddie Yee Tak Ma. All we need is a custom profile field with an exact answer. All is explained by Eddie Yee Tak Ma. This is the link: http://eddiema.ca/2011/12/29/fighting-s ... on-phpbb3/. Succesfully tested by me.
Goodbye everybody.
Pit$Bull
Former Team Member
Posts: 23099
Joined: Sat Dec 02, 2006 4:08 pm
Name: Can't Remember

Re: [Discuss] Preventing Spam in phpBB3

Post by Pit$Bull »

@giorgiogio48
Why go to that trouble when the built in Q&A CAPTCHA does the same thing. :roll:
giorgiogio48
Registered User
Posts: 49
Joined: Sat May 07, 2005 4:41 pm

Re: [Discuss] Preventing Spam in phpBB3

Post by giorgiogio48 »

Pit$Bull wrote:@giorgiogio48
Why go to that trouble when the built in Q&A CAPTCHA does the same thing. :roll:
I had spambot on my forum despite Q&A CAPTCHA and other countermeasures
Regards
Pit$Bull
Former Team Member
Posts: 23099
Joined: Sat Dec 02, 2006 4:08 pm
Name: Can't Remember

Re: [Discuss] Preventing Spam in phpBB3

Post by Pit$Bull »

There is no difference between a custom profile field and the Q&A. Maybe you are confused.
Locked

Return to “[3.0.x] Support Forum”