[Split] Using Advanced Block Mod to Prevent Spam

Do not post support requests, bug reports or feature requests. Discuss phpBB here. Non-phpBB related discussion goes in General Discussion!
Scam Warning
Post Reply
User avatar
Martin Truckenbrodt
Registered User
Posts: 3045
Joined: Sun Mar 23, 2003 6:22 pm
Location: Franconia
Name: Martin Truckenbrodt
Contact:

Re: [Split] Using Advanced Block Mod to Prevent Spam

Post by Martin Truckenbrodt » Mon Mar 28, 2011 7:07 pm

Hello Callum95,
are you KeyCAPTCHA? :?

BTW: What's your experience with the use of backlists to prevent forum spam? What's your experience with ABM?

Bye Martin
Free tutorial: Installing MODs in phpBB 3.0
Advanced Block MOD - Prevent spam on your phpBB 3.0 board with Stop Forum Spam, BotScout, Akismet, Project Honey Pot and several IP-RBL and Domain-RBL DNS blacklists!
My MODs
Use the official phpBB Ideas to vote missing core features!!!

User avatar
Martin Truckenbrodt
Registered User
Posts: 3045
Joined: Sun Mar 23, 2003 6:22 pm
Location: Franconia
Name: Martin Truckenbrodt
Contact:

Re: [Split] Using Advanced Block Mod to Prevent Spam

Post by Martin Truckenbrodt » Mon Mar 28, 2011 8:18 pm

Hello KeyCAPTCHA,
I want to try to help you a little bit with your personal problem with blacklists. I've been using WHOIS and http://www.dnsbl.info to analyse your problem.

Your mail server is mail.keycaptcha.com 78.159.119.245 . It seems that you don't have a second server e.g. for backup. IMO not a good idea.
Your webserver is 78.159.127.150.

On the first look it's a little bit strange. Your email server is not blacklisted on any DNS blacklist used on http://www.dnsbl.info . This is good! But your webserver is blacklisted on sbl.spamhaus.org. :?

Now I know where your example comes from. ;)

Your webserver is blacklisted only on sbl.spamhaus.org (and other spamhaus blacklists which are using the sbl.spamhaus.org blacklist, too - e.g. zen.spamhaus.org or sbl-xbl.spamhaus.org).
Here is the policy for this blacklists http://www.spamhaus.org/sbl/policy.html .
So if the blacklist is running well then this should mean that your are sending unsolicited bulk email from your webservers ip address 78.159.127.150 .

Spamhaus definition of UBE: http://www.spamhaus.org/definition.html
Wikipedia: http://en.wikipedia.org/wiki/E-mail_spam

So we can see that the sbl.spamhaus.org blacklist is used to prevent email spam only!

IMO there could be only one reason why your webserver is blacklisted:
You (or hackers) are sending emails directly from your webserver through the internet via SMTP using a simple DNS MX query. Then the sending smtp server is your webserver and not your official mail server! This is not good and not "allowed". In other words: This is not a good idea for legitimate emails.

You should configure all scripts and forms on your webserver to send the emails via your official smtp server mail.keycaptcha.com . I'm quite sure that then your problem with spamhaus.org should be solved after some days or weeks.

Please notice:
ABM would not block the ip addresses of your webserver and your mail server. ABM needs an entry at least on a second blacklist, too. As I told you in an other post I gave the spamhaus.org blacklist a weight value of 4 by default. But a threshold value fo 5 is needed to be blocked. I know that spamhaus.org can give some false positives if you want to prevent forum spam with this blacklist.

So I've tested your two ip addreses with the best anti forum spam databases ATLBL and StopForumSpam I know at this time.
Both of your ip addresses are not listed on these databases. So I'm quite sure that you are not a forum spammer! ;) :D

BTW:
Your mail servers ip address gives me back the hostname ns1.stardays.ru . So it seems that you are a customer of Leaseweb Germany GmbH (previously netdirekt e. K.). And your mail server is placed in Germany.

Although ap.keycaptcatcha.com which I could find in the smtp header of a keycaptcha.com registration email goes to germany.

But your webserver seems to be placed in Russia. A tracert first goes to netdirekt in Germany or Belgium and then it is broken. :?

This is the globalised world! :)

Bye Martin
Free tutorial: Installing MODs in phpBB 3.0
Advanced Block MOD - Prevent spam on your phpBB 3.0 board with Stop Forum Spam, BotScout, Akismet, Project Honey Pot and several IP-RBL and Domain-RBL DNS blacklists!
My MODs
Use the official phpBB Ideas to vote missing core features!!!

User avatar
KeyCAPTCHA
Registered User
Posts: 66
Joined: Sun Nov 14, 2010 8:32 am
Contact:

Re: [Split] Using Advanced Block Mod to Prevent Spam

Post by KeyCAPTCHA » Tue Mar 29, 2011 4:20 am

Martin Truckenbrodt wrote:Hello KeyCAPTCHA,
I'd appreciate if you stop calling me by an account nickname/ID.
My name is Gennady, it is clearly indicated in the right sidebar of every my post
and you know it well since you addressed me by my name Gennady in PM.
I have not ever named you by ABM...
Martin Truckenbrodt wrote:I want to try to help you a little bit with your personal problem
My "personal" problem has nothing to do with KeyCAPTCHA.com website
I clearly indicated, more than once, that my home-IP-addresses of completely different ISP is blacklisted frequently preventing my private registering and posting in forums, commenting in blogs.
It has nothing to do with keycaptcha's mail server in Germany and as such you do not even know it

My home-IP-address is black address shared externally by thousands of my home-ISP users.
It is senseless either to blacklist or to de-blacklist it

I have never publicly asked anybody to help me with IP-address de-blacklisting
(with any IP-addresses, even less with shared ones of my home-ISP or of my company's dedicated IP-addresses).
Martin Truckenbrodt wrote:So if the blacklist is running well then this should mean that your are sending unsolicited bulk email from your webservers ip address 78.159.127.150
This is direct slander.
KeyCAPTCHA.com has never ever sent either unsolicited Emai or bulk Emails

I immediately flagged your post asking moderators to delete it,
as being unsolicited off-topic, incorrect and publicly harming to my company's antispam service.
I do not know why this request was ignored.

So, I am forced to respond and directly name what you are publicly and openly doing:
- black-slandering
- black listing


KeyCAPTCHA.com mail server has always been used to communicate with KeyCAPTCHA customers
(to send activation kink in the process of registration, to respond to oopened support tickets, etc.)
ONLY!
Martin Truckenbrodt wrote:IMO there could be only one reason why your webserver is blacklisted:
I am wasting my time here:
1)
I already addressed these issues in my previous posts
And you clearly repeating yourself without reading already provided answers
2)
Please stop answering, at least addressing KeyCAPTCHA, the questions that KeyCAPTCHA Team has never ever asked anybody
3)
Your expertise, with references to wikipedia in context of concrete (SpamHaus) case is amateurish
3a)
Users of particular IP-addresses cannot contact SpamHaus, it can do only ISPs
3b)
KeyCAPTCHA services use 7*24*365 datacenters rented in many more countries
(and with many more IP-addresses)
not only in those you mentioned.
You cannot trace them all
3c)
Mentioned by you IP-addresses, used by KeyCAPTCHA,
are not blacklisted individually, they are blacklisted as part of blacklisted IP-address ranges due to maldoing from other (German? Belgian? I could not understand from your post!) IP-addresses in those ranges

Sincerely,
Gennady
Last edited by KeyCAPTCHA on Tue Mar 29, 2011 5:14 am, edited 8 times in total.

User avatar
/a3
Registered User
Posts: 411
Joined: Sun Sep 19, 2010 9:08 am
Location: /dev/random

Re: [Split] Using Advanced Block Mod to Prevent Spam

Post by /a3 » Tue Mar 29, 2011 4:26 am

Martin Truckenbrodt wrote:Hello Popp Singh,
thanks a lot for your post.
I'm trying to stay relaxed. But sometimes it's not easy for me. All the posts which are written against the use of blacklists to prevent forum spam are based on fairytales and strange theories. Never they are based on experience. This is the point which is making me sometimes very angry.
No, I think you've got it wrong. You've spent so long promoting blacklisting that you've become "attached" to your idea. If you actually took a step back you might see that blacklisting doesn't work.

Fact: There are billions of IP addresses available.
Fact: It is literally impossible to monitor the traffic being received by all of these IP addresses.

Your theory is that your "weight" system somehow works around proxies and dynamic IP addresses. The fact is that if different people are potentially using the same IP addresses then you are probably blocking false positives.

As you've stated in your MOD description, blocked users simply cannot see the registration page. So how do you know if your system works? You don't. No amount of experience with your MOD would show that it doesn't block false positives.
$ git commit -m "YOLO"

User avatar
Ger
Recognised Extension Developer
Posts: 1887
Joined: Wed Jan 02, 2008 7:35 pm
Location: 192.168.1.100
Contact:

Re: [Split] Using Advanced Block Mod to Prevent Spam

Post by Ger » Tue Mar 29, 2011 1:37 pm

Martin Truckenbrodt wrote:All the posts which are written against the use of blacklists to prevent forum spam are based on fairytales and strange theories. Never they are based on experience.
Well, isn't the experience of Gennady relevant? That's a false positive. Or do you stil call it a fairytale?
My extensions:
Simple CMS, Feed post bot, Avatar Resize, Modbreak, Magic OGP, Live topic update, Modern Quote, Quoted Where (GDPR) and Autoresponder.
Newest: FAQ manager for 3.2

Like my work? Buy me a coffee to keep it coming. :ugeek:
-Available for custom work-

User avatar
Martin Truckenbrodt
Registered User
Posts: 3045
Joined: Sun Mar 23, 2003 6:22 pm
Location: Franconia
Name: Martin Truckenbrodt
Contact:

Re: [Split] Using Advanced Block Mod to Prevent Spam

Post by Martin Truckenbrodt » Tue Mar 29, 2011 4:28 pm

Hello Gennady,
sorry, that have not always used your first name. As you can see it in my nickname I'm not a friend of ANONYMOUS, too.
Okay, it seems that you are living in Russia. A lot of spam comes from Russia. And a lot of ISPs are earning their money with these spammers. So maybe a lot of ISPs are not interested in fighting against spammers. Or they don't have the finacial or technically possibilties to observe and restrict spammers. I just can give you the advice to test your IP address frequently e.g. with http://www.dnsbl.info to get more information. I would need more details from you about the websites or the services you are trying to use or to register to give you a better or more detailed statement. And on the end as I've told you in an other post: There are very different blacklists with very different policies. And there are poor and better implementations for the use of blacklists. This is the reason for the bad image blacklists are having.

I'm not a spammer. :evil: You've started our dispute with your personal opinion which is not based on own experience with the use of blacklists to prevent forum spam and which is not based on own experience with ABM. Can you really not understand my angryness?

@ /a3 and Ger: You don't know what is happening in my brain. It's my brain inside of my head on my neck. :) :roll:

As I've explained above: blacklists are a very wide subject. Blacklists have a bad image for a lot of people. But still it's the most important feature to prevent e-mail spam worldwide. The bad image of backlists is based on some bad blacklists and in most case it's based on bad implementations of backlists in bad anti-spam software.

As I've told several times: A lot of people are posting bad things about blacklists. Some are trying to provoke mine with stupid posts: http://www.phpbb.com/community/viewtopi ... #p12976092 - In this example callum95 has been successfully.
But not anybody of this self called forum anti-spam experts has tried ABM by now!
In my opinion: If I don't have any own experience with something then I will not give anybody public feedback about it.

On the end the facts again:
ABM doesn't result any false positives which means 100% or perhaps 100.0% or 100.00%, too.
There are more than 3.000 downloads by now. Since the first version of ABM has been validated and till today I haven't got any bad feedback for this MOD. Some of the good feedback you can find in ABMs support forum. A statistic from one of my boards for a 100 days time period you can find at the ABM FAQs.

These are the facts! These facts are based on experience with the use of blacklists to prevent forum spam!

So please just accept and tolerate this point and don't defame my spare time I've spent in the developement of this MOD.

I'm still hoping that the dsnbl_check will be improved in Ascraeus. Nils (naderman) told me to write a patch for it. But I don't want to spent my sparetime in learning the use of github, diff and other needed technics. Also I think it should be one of the main interest for the developemt team to have more effective anti-spam features included in the core package.

An official statement of the phpBB3 developement team based on experience with ABM would be the best statement this time for me and the phpBB3 community, too. Since more than two years I'm waiting for it.

You can believe me: I'm not possessed. I'm just frustrated, disappointed and angry.That's all!

Bye Martin
Free tutorial: Installing MODs in phpBB 3.0
Advanced Block MOD - Prevent spam on your phpBB 3.0 board with Stop Forum Spam, BotScout, Akismet, Project Honey Pot and several IP-RBL and Domain-RBL DNS blacklists!
My MODs
Use the official phpBB Ideas to vote missing core features!!!

User avatar
DavidIQ
Customisations Team Leader
Customisations Team Leader
Posts: 17066
Joined: Thu Jan 06, 2005 1:30 pm
Location: Fishkill, NY
Name: David Colón
Contact:

Re: [Split] Using Advanced Block Mod to Prevent Spam

Post by DavidIQ » Wed Mar 30, 2011 12:58 am

KeyCAPTCHA wrote:I immediately flagged your post asking moderators to delete it,
as being unsolicited off-topic, incorrect and publicly harming to my company's antispam service.
I do not know why this request was ignored.
Our sincerest appologies. It was not ignored. The report has now been taken care of.

If this continues I will be forced to lock yet another topic so gentlemen...please behave. :geek:
Apply to become a Jr. Extension Validator
My extensions | In need of phpBB services? | Was I helpful today?
No unsolicited PMs unless you're planning on asking for paid help.

User avatar
Martin Truckenbrodt
Registered User
Posts: 3045
Joined: Sun Mar 23, 2003 6:22 pm
Location: Franconia
Name: Martin Truckenbrodt
Contact:

Re: [Split] Using Advanced Block Mod to Prevent Spam

Post by Martin Truckenbrodt » Wed Mar 30, 2011 4:01 pm

Hello David,
Martin Truckenbrodt wrote:...
In my opinion: If I don't have any own experience with something then I will not give anybody public feedback about it.
...
These words are describing how every few months the same disputes are started in most cases caused by the same users and sometimes by new users.
But it seems to be the easiest way to tell me the bad guy and not the others whom are telling the community personal opinions based on fairytales and strange theories and not on experience and the others whom are posting stupid annoying posts to defame my MOD and my sparetime spent in programming it.
Martin Truckenbrodt wrote:...
An official statement of the phpBB3 developement team based on experience with ABM would be the best statement this time for me and the phpBB3 community, too. Since more than two years I'm waiting for it.
...
Bye Martin
Free tutorial: Installing MODs in phpBB 3.0
Advanced Block MOD - Prevent spam on your phpBB 3.0 board with Stop Forum Spam, BotScout, Akismet, Project Honey Pot and several IP-RBL and Domain-RBL DNS blacklists!
My MODs
Use the official phpBB Ideas to vote missing core features!!!

User avatar
DavidIQ
Customisations Team Leader
Customisations Team Leader
Posts: 17066
Joined: Thu Jan 06, 2005 1:30 pm
Location: Fishkill, NY
Name: David Colón
Contact:

Re: [Split] Using Advanced Block Mod to Prevent Spam

Post by DavidIQ » Wed Mar 30, 2011 4:41 pm

I'm only going to address this:
Martin Truckenbrodt wrote:
Martin Truckenbrodt wrote:...
An official statement of the phpBB3 developement team based on experience with ABM would be the best statement this time for me and the phpBB3 community, too. Since more than two years I'm waiting for it.
...
Bye Martin
The fact of the matter is that we've already offered you a chance to provide patches and improvements to the anti-spam measures in phpBB based on your own MOD but you have stated on a few occasions that you don't have any time for it. The best chance at recognition you have you're passing on so I'm not sure what else you're expecting us to do.
Apply to become a Jr. Extension Validator
My extensions | In need of phpBB services? | Was I helpful today?
No unsolicited PMs unless you're planning on asking for paid help.

User avatar
Martin Truckenbrodt
Registered User
Posts: 3045
Joined: Sun Mar 23, 2003 6:22 pm
Location: Franconia
Name: Martin Truckenbrodt
Contact:

Re: [Split] Using Advanced Block Mod to Prevent Spam

Post by Martin Truckenbrodt » Wed Mar 30, 2011 5:09 pm

Hello David,
I think it's very easy:
Just (phpBB developers and perhaps other phpBB team members) install ABM on some boards which are in spammers focus. Do the steps I've described in my alternative anti-spam whitepaper.
Let it run for one month and share your experience in the teams and perhaps with me, too. And then give the community a officially feedback.

IMO it doesn't matter if I will write a patch for Ascraeus, or not. Firstly we are talking about a feature and not especially about a MOD and not especially about the features which should be included in Ascraeus, or not.

Bye Martin
Free tutorial: Installing MODs in phpBB 3.0
Advanced Block MOD - Prevent spam on your phpBB 3.0 board with Stop Forum Spam, BotScout, Akismet, Project Honey Pot and several IP-RBL and Domain-RBL DNS blacklists!
My MODs
Use the official phpBB Ideas to vote missing core features!!!

ckwalsh
Former Team Member
Posts: 1837
Joined: Wed Mar 15, 2006 1:50 am
Location: Seattle, USA
Name: Cullen Walsh
Contact:

Re: [Split] Using Advanced Block Mod to Prevent Spam

Post by ckwalsh » Wed Mar 30, 2011 10:25 pm

The best way to get some of ABM's features included is to stop expecting development team members to write it and submit a patch. Development team resources are stretched as they are; If even more new features were added, 3.1 may never come out. Additionally, the development cycle has been opened up as much as it can be - anyone can submit patches, and so long as they are relevant and comply with phpBB's guidelines they will certainly be considered. Heck, it doesn't have to be perfect; we can help with code review and polishing the patch.

If you put half as much effort into writing a patch as you do promoting and defending your MOD, 3.1 would already have it integrated. As I see it, since you haven't made any attempt to learn about the phpBB development process and submit such a patch, you don't really care enough to get it integrated; you just enjoy bringing it up constantly hoping that we will do the work for you. I won't.
Where to post what | Forum Rules | The Dos and Don'ts of General Discussion
In Seattle and want to meet, chat, or have a coffee? Drop me a PM.

User avatar
naderman
Consultant
Consultant
Posts: 3735
Joined: Fri Aug 01, 2003 10:06 pm
Location: Berlin, Germany
Name: Nils Adermann
Contact:

Re: [Split] Using Advanced Block Mod to Prevent Spam

Post by naderman » Wed Mar 30, 2011 10:31 pm

Martin Truckenbrodt wrote:On the end the facts again:
ABM doesn't result any false positives which means 100% or perhaps 100.0% or 100.00%, too.
That is entirely impossible, e.g. most blacklists will not be able to immediately react when an IP is reassigned. Any blacklist will have a false positive sooner or later, so it is all about keeping this rate as low as possible. It's also important to consider that it is very difficult to measure false positives, since most users will just decide to ignore a board where they were blocked rather than trying to get in contact with an administrator.

CAPTCHAs on the other hand have false positives too (e.g. an image a human user isn't able to read). So having false positives by itself certainly isn't an argument against blacklists. In fact some blacklists probably have significantly lower false positive rates than CAPTCHAs. Both mechanisms need to find a way to keep false positives as low as possible and need to have solutions in place in case they occur (e.g. our contact board administrator link, although we can certainly improve on that).
I appreciate gifts from my Amazon wishlist.
naderman.de twitter: @naderman

User avatar
Marshalrusty
Project Manager
Project Manager
Posts: 29253
Joined: Mon Nov 22, 2004 10:45 pm
Location: New York City
Name: Yuriy Rusko
Contact:

Re: [Split] Using Advanced Block Mod to Prevent Spam

Post by Marshalrusty » Wed Mar 30, 2011 10:48 pm

It ultimately comes down to numbers. How effective is the MOD compared to a CAPTCHA or the Q&A option? What are the false positive rates (this one can be measured, to some degree, by falling through to a contact form form for users who are blacklisted). I see the claim that this MOD works better or even that it avoids false positives 100% of the time (which is impossible), but I don't see any statistics to suggest that this is even remotely the case.

We are here to help to a reasonable extent, but you should not expect us to dedicate resources to testing your theory for you when there isn't already a reason to believe that it works better than the current solutions. Intuitively, I cannot see any reason why your implementation would not have all the problem known to occur with blacklists, so unless you can show otherwise, you definitely shouldn't expect the team to dedicate resources toward this.

On the other hand, as Cullen said above, you are most welcome to write a patch for this yourself, or with the help of other community members. Take a step or two forward and we'll meet you somewhere in the middle.
Have comments/praise/complaints/suggestions? Please feel free to PM me.

Need private help? Hire me for all your phpBB and web development needs

User avatar
Martin Truckenbrodt
Registered User
Posts: 3045
Joined: Sun Mar 23, 2003 6:22 pm
Location: Franconia
Name: Martin Truckenbrodt
Contact:

Re: [Split] Using Advanced Block Mod to Prevent Spam

Post by Martin Truckenbrodt » Wed Mar 30, 2011 11:41 pm

Hello Cullen,
at the moment we are on end of a sad dispute again like we have had it several times last two years. The dispute has not been started by mine. This post http://www.phpbb.com/community/viewtopi ... #p12971855 causes the following answer.

I'm not promoting and defending my MOD. I'm promoting and defending a feature.

My MOD is a validated MOD (but at the moment I'm writing a new version just to add some new ideas and to optimize some minor important things). So it is ready to use for writing a patch. I'm sure an phpBB developement team member would need only one or two hours to write the patch.
For me it would need several evenings on severeal weeks to learn the developement basics. No, sorry, I don't want to spend my sparetime for this. I'm nearly 40 years old. I have a family and I have two much more important hobbies, too. I have a hard job. And at the moment I'm spending too much time at the phpbb.com forums. ;)

@Nils: Thank your very much for your post! It's telling important things. (As you know: For me these points are not new!) One possible strategy could be to use DNS blacklist blocking for all functions except for an administrator contact form (which is is not included in phpBB3 by default like the impress is not included and some other important basic fetaures are still missing ;) ). Then only for the contact form CAPTCHA could be used. IMO this would be a very good strategy. This would make sense.

The tests I demand from you will show you how much false positive there will be on your forums. I just told you my own experience, the experience of a large Australian gamer board and the feedback you can find at the ABM support forum. As anybody can see: My three boards are not very active. One is a support & test forum and the other boards are very specialised. But the ABM included Block Log really is very helpfully to look for false positives. access.atlbl.net absolutely is doing a great job. And dnsbl.tornevall.org is doing a very good, too. For dnsbl.tornevall.org and the other used blacklists the weight system is doing a very good job. You just have to try it.

Since July I have a new colleague. Yesterday he told me that in past he wrote a lot of hacks/MODs for vBulletin. He told me that the problem of vB is or was that the core package has growing too much. Too much features have been included. He ask me if phpBB still is a small basic package. I've answered him: Yes, it is. This still is a good point for phpBB, but a lot of true basic features still are missing. For these basic features still you have to install MODs which are editing a lot of core files.
The CAPTCHA plugin system is only one anti-spam feature which uses several plugins till they are cracked.
Look here http://www.phpbb.com/community/viewtopi ... &t=2122696 .
What's the number of alternatives?
Admin Activation is not really usable without other features. Double Activation is needed ot keep the email addresses confirmed.
UTC-12 trick still is a good feature. ABM has it included since two years (in a different way using the Block log, too). As you can see it on my statistics still it's doing a better job as check_dnsbl is doing it. But I'm quite sure that spammers will hack it very quickly and easily then it would be a default phpBB3 anti spam feature.
Newly registered user group feature is not very comfortable. Double Activation would be a good alternative for it. It would give us nearly the same result. But a lot of spammers will been catched in the first step (confirm email address). The spammers accounts would not been activated.
Required CPFs easily can been filled automatically.
That's all! Please excuse, but IMO it's a poor list.

@Yuriy: For me the important question is not: Are blacklists doing a better job like CAPTCHAs are doing it? This really doesn't matter for me. I just want to show that blacklists are doing a good job, too. At the ABM FAQs I've compared some things vs. blocking (with DNS blacklists). I think I've listed a lot of important points.
My words are not based on theories. They are based on the experience of nearly two years. And it's based on the experience of others, too.

Now I'm very tired. So I will go to bed as soon as possible. But my angryness has slowed down a lot. It's a little bit satisfying for me now to "talk" with people whom are able to discuss in an usefully way. I would be much happier if I could know that you will test the feature (by installing my MOD ;) ). I have the needed experience. Now it's your turn! :)

Bye Martin
Free tutorial: Installing MODs in phpBB 3.0
Advanced Block MOD - Prevent spam on your phpBB 3.0 board with Stop Forum Spam, BotScout, Akismet, Project Honey Pot and several IP-RBL and Domain-RBL DNS blacklists!
My MODs
Use the official phpBB Ideas to vote missing core features!!!

Pony99CA
Registered User
Posts: 4783
Joined: Thu Sep 30, 2004 3:13 pm
Location: Hollister, CA
Name: Steve
Contact:

Re: [Split] Using Advanced Block Mod to Prevent Spam

Post by Pony99CA » Thu Mar 31, 2011 2:04 am

naderman wrote:
Martin Truckenbrodt wrote:On the end the facts again:
ABM doesn't result any false positives which means 100% or perhaps 100.0% or 100.00%, too.
That is entirely impossible, e.g. most blacklists will not be able to immediately react when an IP is reassigned. Any blacklist will have a false positive sooner or later, so it is all about keeping this rate as low as possible.
Yes, I've tried to explain that to Martin with an example where spammers and real users repeatedly got the same IP address. Any system that has no false positives (real users incorrectly identified as spammers) will likely have a lot of false negatives (spammers incorrectly allowed through as real users) and vice versa.

That doesn't mean that blacklisting is a bad approach; it just means that it's not a perfect approach as Martin seems to think it is. It may well work for many board admins to keep human spammers out, so it's one tool in the admin's toolbox.

Steve
Silicon Valley Pocket PC (http://www.svpocketpc.com)
Creator of manage_bots and spoof_user (ask me)
Need hosting for a small forum with full cPanel & MySQL access? Contact me or PM me.

Post Reply

Return to “phpBB Discussion”