Blocking spammers

[Kickstart]

Hi

A forum I run is getting a load of spammers at the moment. Plenty are blocked but not these.

They seem to all be hotmail email addresses. They are not caught by a referral to stop forum spam, and nor by a load of questions (and they don't seem to get the questions wrong).

At the moment I have just blocked registrations from hotmail addresses (but would rather not as there are a significant number of legitimate forum users with hotmail addresses). Also using a new email provider is probably one of the easier things for the spammers to do.

The ip addresses they are using are all over the place. Banned loads but negligible effect.

Any ideas? Worthwhile services to spot proxy use?

All the best

Keith
____________________
Traxpics, track day and racing photographs - Bimota Forum - Bike performance / thrust graphs for choosing gearing

[fatpies]

You should just take the suggestions given here for BCF.

Look for key words in the first 10 posts of a user.

Any money signs, any website names, any kitchens, shoes or brand names.
____________________
"It's easy to attack and destroy an act of creation. It's a lot more difficult to perform one"

[Kickstart]

Hi

These are not posting anything, just bloating the user list rapidly. About 20% are posting a link in their sig but that is it.

Annoys me having to go through manually deleting them.

All the best

Keith
____________________
Traxpics, track day and racing photographs - Bimota Forum - Bike performance / thrust graphs for choosing gearing

[bazza]

Start here: https://www.stopforumspam.com/contributions
____________________
"That's it. You people have stood in my way long enough. I'm going to clown college."
'98 Ducati 750SS, '08 Suzuki GSX650F ©2004-2014, Bazza's Harmless Banter

[Kickstart]

Hi

Already got checks on SFS in place but these seem to be via loads of different ip addresses, random user ids and with fairly random email addresses. As such suspect they just set them up on the spot so they have not got onto SFS yet (possibly done so they register on loads of forums without getting flagged for spam, and then they have loads to use for spam).

For example the latest registration was from 119.252.76.237, email KeebeedleyNeheal@hotmail.com and user name shopgerman27 . Checking on https://fspamlist.com/checkspammers/index.php (which checks SFS amoung others) finds nothing.

All the best

Keith
____________________
Traxpics, track day and racing photographs - Bimota Forum - Bike performance / thrust graphs for choosing gearing

[J.M.]

How about a cron job to periodically check your database and ban accounts containing black-listed URLs?

It doesn't account for users registering, but would get rid of a fair amount afterwards I suspect.
____________________
2004 R1 & 2018 XSR900

[Kickstart]

Hi

Only about 20% have a sig, the other 80% leave it blank.

Can't do cron jobs on this server, but could easily avoid that being a problem.

Getting about a dozen a day, which soon adds up.

All the best

Keith
____________________
Traxpics, track day and racing photographs - Bimota Forum - Bike performance / thrust graphs for choosing gearing

[chrisw]

Why not just suspend auto-account creation for a while?
You could put up a temporary request form which sends an email to a nominated admin account and have requests vetted. It means it's a manual process but at least you'll be in control.

[Kickstart]

Hi

Would be a fairly major change to the software (registrations go direct to the users table even if you set them to be manually enabled, so no saving) or a shed load of work to processes every application manually.

Currently blocked hotmail email addresses from registering. Will leave it like that for a while but might allow them again in a few weeks when the spammers might have forgotten about the site.

All the best

Keith
____________________
Traxpics, track day and racing photographs - Bimota Forum - Bike performance / thrust graphs for choosing gearing

[Pete.]

How many new sign-ups daily, discounting the spammers? Can you not authorise new accounts manually?
____________________
a.k.a 'Geri'

132.9mph off and walked away. Gear is good, gear is good, gear is very very good

[Kickstart]

Hi

Authorising is easy, it is the build up of ones I don't want that is the pain. Having to delete them to avoid having a silly number of blocked members listed.

All the best

Keith
____________________
Traxpics, track day and racing photographs - Bimota Forum - Bike performance / thrust graphs for choosing gearing

[SQL]

captcha on signup?

or playthru?

https://areyouahuman.com/

[Kickstart]

Hi

There is a basic captcha on the registration page already, and to be honest hard captchas seem to be easier for bots to solve than for real people

However I don't think these are bots. They are getting straight past the questions with no change in failure rate when the questions change (do you know what the BI stands for in Bimota ). Suspect they are bods being paid peanuts to set up accounts.

Wide range of IP addresses being used.

The playthrough is a fun idea though.

Thankyou

All the best

Keith
____________________
Traxpics, track day and racing photographs - Bimota Forum - Bike performance / thrust graphs for choosing gearing

[barrkel]

It sounds like someone using something like Amazon Mechanical Turk combined with cloud VM servers set up as temporary proxies. Because humans are doing the registration, there is no turing test that will stop them; and because they are just accounts, there are no posts to match and block content on.

If your concern is too many dodgy entries in the user table, perhaps you could set up a job that deletes users that are more than a few days old but have no posts, in combination with a notification email informing them of the policy and the reasons for it.

I generally only join a forum when I need to. With phpBB, that's usually when I either need to post, or want to search all posts by a specific user (not available to the general public by default on phpBB). In the former case, I should not be caught by the above policy, in the latter I wouldn't care.

The risk is it would incentivise nonsense first posts by these spam users. But matching these posts (or relying on user reports, if the forum has that functionality) may be easier than picking out the users manually?
____________________
Bikes: S1000R, SH350; Exes: Vity 125, PS125, YBR125, ER6f, VFR800, Brutale 920, CB600F, SH300x4
Best road ever ridden: www.youtube.com/watch?v=s2MhNxUEYtQ

[Pete.]

Not possible to put a 5 min countdown timer in the process?
____________________
a.k.a 'Geri'

132.9mph off and walked away. Gear is good, gear is good, gear is very very good

[Kickstart]

Hi

barrkel - I am tempted to put in an auto delete, it is just I have aversion to doing them unless necessary (or more that I am paranoid of deleting all users by mistake ).

The odd real spammer who gets in does tend to get raised by other users so I can nuke them.

[J.M.]

Are there any common features between their posts, when they post? If so I'm thinking of another post-registration solution:
- if user has less than X posts
- scan post against a list of spam URLs you have compiled, before submitting it
- if it matches, delete/ban the account

I think that if you're facing real humans being paid pittance, your only hope for pre-registration blocking is either going to come in the form of an English based question which they're unable to comprehend properly or something which will inconvenience/annoy users and make them not register.
____________________
2004 R1 & 2018 XSR900

[bazza]

Try: https://www.projecthoneypot.org

You're making life difficult for yourself using obsolete forum software.

Just sayin'.
____________________
"That's it. You people have stood in my way long enough. I'm going to clown college."
'98 Ducati 750SS, '08 Suzuki GSX650F ©2004-2014, Bazza's Harmless Banter

[Kickstart]