Sun Sims Home Search FAQ Log in  
Reply to topic When spammers attack
Goto page Previous  1, 2, 3, 4, 5, 6  Next
Greg
Anja's Sock Puppet
Joined: 30 Aug 2004
Posts: 6672
Location: Happy Valley
Post Posted: Mon Oct 16, 2006 8:28 pm
Reply with quote
Kaylyn wrote:
I'd vote for that! lol


In all seriousness, so would I!

All these filters and blocking and vigilance are merely treating the symptoms. We need to cure the disease, and we have the ability to do that. When the spammers' heads start appearing on spikes on the television news, they will stop.

Dead men send no spam! Let's start a campaign!


_________________
Greg
Webmonster
Moon Sims ~ SimsHost ~ Ultimate Sims List
miros1
Lone Surviving Sims 1 Holdout
Joined: 05 Sep 2004
Posts: 5348
Location: NY State
Post Posted: Mon Oct 16, 2006 10:34 pm
Reply with quote
BTW, the filters that pair.net uses are pretty good... they just add ** JUNK ** to the subject line, so once you're sure you can trust them, you can just filter on that and get rid of a good chunk of it in one fell swoop. They also add the reasons why they thought it was spam at the top.

I've only ever had 2 emails marked as junk that shouldn't have been... One of them was a reply to an email with the text of the Chronicle in it. The headers indicated that it was marked as spam because it advertised a baldness cure...

_________________
Rose/Miros
Webmistress, the Wooden Simolean
http://www.woodensimolean.simshost.com
The Wooden Simolean is a SimsHost subscriber supported site
Greg
Anja's Sock Puppet
Joined: 30 Aug 2004
Posts: 6672
Location: Happy Valley
Post Posted: Mon Oct 16, 2006 10:49 pm
Reply with quote
I've had reasonable success with pair's spam filter, although I have one fellow writing to me from his Yahoo account and his messages are consistently marked as spam.

I wouldn't be surprised that the Chronicle triggers a spam filter. The number of links would do it if nothing else.

In other news: I just had to do this. Grin

_________________
Greg
Webmonster
Moon Sims ~ SimsHost ~ Ultimate Sims List
Greg
Anja's Sock Puppet
Joined: 30 Aug 2004
Posts: 6672
Location: Happy Valley
Post Posted: Fri Oct 20, 2006 2:36 pm
Reply with quote
Here's a useful tool for looking up spammer domains:
http://www.mxtoolbox.com/index.aspx

You give it a domain name and it tells you the IP address and provides a report about whether that IP address is on umptygazillion block lists.

This might also identify a reason why spammers would be bothering with little boards like the Hullabaloo. They might be testing block lists.

_________________
Greg
Webmonster
Moon Sims ~ SimsHost ~ Ultimate Sims List
miros1
Lone Surviving Sims 1 Holdout
Joined: 05 Sep 2004
Posts: 5348
Location: NY State
Post Posted: Fri Oct 20, 2006 2:59 pm
Reply with quote
Don't they realize that board admins will be complaining to the phpBB creators, and eventually an automated checker will be added?

_________________
Rose/Miros
Webmistress, the Wooden Simolean
http://www.woodensimolean.simshost.com
The Wooden Simolean is a SimsHost subscriber supported site
Greg
Anja's Sock Puppet
Joined: 30 Aug 2004
Posts: 6672
Location: Happy Valley
Post Posted: Fri Oct 20, 2006 4:06 pm
Reply with quote
miros1 wrote:
Don't they realize that board admins will be complaining to the phpBB creators, and eventually an automated checker will be added?


Yup, I'm sure that will happen. I've been toying with the idea myself.

The board already blocks a specific list of IP addresses from being able to access it--they never even get to the board's home page. We also have a ban list of email domains.

The next step would be to automatically do a reverse-DNS lookup on the email domain, and if it matches an IP address on the block list, don't allow the account to be created.

At the moment it's not a really big deal. I delete one or two users a day, often before they even have time to verify the email address. Only one spammer has been able to get as far as posting a message in the past few months so I'd say we're not facing a crisis at the moment.

_________________
Greg
Webmonster
Moon Sims ~ SimsHost ~ Ultimate Sims List
sims2addict
Superlative SimsHost Fan
Joined: 09 Nov 2006
Posts: 20
Location: staffordshire, UK
Post Posted: Thu Nov 09, 2006 2:46 pm
Reply with quote
I would not have known about this at all...i dont get how this is happeneing from this. I have lately being getting rude emails which i think are spam....coming directly into my inbox. I have actually replied a couple of times and politely asked them to stop it as it was driving me crazy. I wonder if they were coming from another forum i joined then...as it all seemed weird!
Greg
Anja's Sock Puppet
Joined: 30 Aug 2004
Posts: 6672
Location: Happy Valley
Post Posted: Thu Nov 09, 2006 4:41 pm
Reply with quote
The most likely explanation is that your email address is visible on a publicly viewable web page.

By default, all the forums based on phpBB (which includes the Hullabaloo), allow members of the forum to view email addresses. So now spammers are joining the boards and then reading the membership profiles to harvest email addresses.

That's why I removed the board's ability to display the membership list as well as the aiblity to display email addresses even if the member has the setting to allow it. I simply deleted the code where the board would do this. As it is, your email address should be hidden from everybody but the administrators (that's Nancy and me).

We're blocking access from several hundred servers that are known to be havens for spammers--they can't even get to the front page of the Hullabaloo--but of course that only stops few of them. It's like a new Cold War, where we're trying to wear down the Evil Empire by making it too expensive for them to do business.

Public execution would be faster, but so far no nation outside of Happy Valley has adopted capital punishment for spammers into law.

_________________
Greg
Webmonster
Moon Sims ~ SimsHost ~ Ultimate Sims List
Ghostman
SimsHost Champion
Joined: 03 Jul 2006
Posts: 417
Location: Venezuela
Post Posted: Thu Nov 09, 2006 9:50 pm
Reply with quote
Greg wrote:
So now spammers are joining the boards and then reading the membership profiles to harvest email addresses.


I heard they have webcrawlers for that too.

Also, Kat, you should never answer a spam.

_________________
David D.
Greg
Anja's Sock Puppet
Joined: 30 Aug 2004
Posts: 6672
Location: Happy Valley
Post Posted: Fri Nov 10, 2006 6:05 am
Reply with quote
Yes, they have webcrawlers that will surf every site they can find and harvest email addresses. Lots of folks, including me, used to put our email addresses in the fiddly details at the bottom of the pages so that folks could contact us if they found glitches, but no more.

The default configuration of many bulletin boards, including phpBB, provides links so that those web crawlers can get all the email addresses on the board even without creating an ID. This is not the case with the Hullabaloo, or any phpBB where the admin has changed the setting so you have to at least join the board to view the membership directory.

That might explain why we see so many spammers bothering to create memberships here. So then they join, only to learn that the membership directory won't display email addresses! And in the process, they leave tracks so that we can block their servers from accessing our sever!

BWAAHAHAHA!

_________________
Greg
Webmonster
Moon Sims ~ SimsHost ~ Ultimate Sims List
Greg
Anja's Sock Puppet
Joined: 30 Aug 2004
Posts: 6672
Location: Happy Valley
Post Posted: Tue Nov 28, 2006 7:59 pm
Reply with quote
I'm thinking that if we block access from netblocks assigned to web hosting services, we'll be preventing automated login attempts (from those servers, at least). Since those IP addresses are all asigned to web servers, they should never be assigned to an real human's machine.

Erm... I think. Am I missing something here?

_________________
Greg
Webmonster
Moon Sims ~ SimsHost ~ Ultimate Sims List
miros1
Lone Surviving Sims 1 Holdout
Joined: 05 Sep 2004
Posts: 5348
Location: NY State
Post Posted: Tue Nov 28, 2006 8:41 pm
Reply with quote
Lemme ask MikeD, Dana or Randall...

_________________
Rose/Miros
Webmistress, the Wooden Simolean
http://www.woodensimolean.simshost.com
The Wooden Simolean is a SimsHost subscriber supported site
miros1
Lone Surviving Sims 1 Holdout
Joined: 05 Sep 2004
Posts: 5348
Location: NY State
Post Posted: Tue Nov 28, 2006 8:58 pm
Reply with quote
Dana's comments:
Quote:
dcarson says, "might be worth doing, I'd look at logs first and see where they
are coming from"
You say, "since he's thinking about it, i'd assume he's looked at the logs"
You say, "can you think of any reason why you wouldn't want to do that?"
dcarson says, "other than making sure that google etc can get in no"
You say, "ok, will post that"
dcarson says, "redirect to a page that haas a way to ask to be removed from the
block list in case it does affect someone real"
You say, "good idea"
You say, "and if he discovers that all AOL subscribers are routed through one
specific IP address, he can unlock that one"

_________________
Rose/Miros
Webmistress, the Wooden Simolean
http://www.woodensimolean.simshost.com
The Wooden Simolean is a SimsHost subscriber supported site
Greg
Anja's Sock Puppet
Joined: 30 Aug 2004
Posts: 6672
Location: Happy Valley
Post Posted: Wed Nov 29, 2006 11:39 pm
Reply with quote
That's a good idea! I'll have to think about how to allow for that feedback without opening yet another path for the spamtroll to be a nuisance.

I'm working on a mod that will enable us to block whole top-level domains. For instance, we have never had a legitimate user come from .biz or .info, but about half the spammers use those top-level domains.

Yes, I'm looking at the logs. Our spamtroll has started spoofing domain names, which is pretty sophisticated but labor-intensive.

We had six attempts this evening, hours of work to do something that I undid in less than 10 seconds, so it's obvious that we are dealing with someone who has serious emotional problems that are far beyond anything we can deal with here.

_________________
Greg
Webmonster
Moon Sims ~ SimsHost ~ Ultimate Sims List
Ghostman
SimsHost Champion
Joined: 03 Jul 2006
Posts: 417
Location: Venezuela
Post Posted: Wed Nov 29, 2006 11:58 pm
Reply with quote
I heard that there are programs that can change your IP.

_________________
David D.
When spammers attack
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
All times are GMT - 5 Hours  
Page 5 of 6  

  
  
 Reply to topic  
Powered by phpBB © phpBB Group
Design by phpBBStyles.com | Styles Database.
Content © The Hullabaloo