Help with spam bot

[Guest]

don't post links to that program wimpie, the last thing we want to do is drive new customers to them, I wonder whether we can't force the site down through some legal action, probably not... :rolleyes:

but I agree it's frightening to see how it can decipher very advanced captcha's.

[Stuart Elliott]

Wow. Also, that page proves that you REALLY need to block all .ru and cashette.com addresses from registering at your forum - apparently that XRumer spam program (oh sorry, the developer says that spam is defined as unsolicited email which it doesn't do - it's a perfectly legal autosubmitter application!) will autoregister email accounts on mail.ru and stuff to validate registrations.

I also went with *.biz, *.info and *.org - my sites are related to "guilds or clans" in online games, there is no reason any of those domain extensions would legitimately register at either of my sites.

[dereisbaer]

the robots always enter "google" in the first custom profil field... thats the way you can get rid off them... of course it

[robdon]

Hi,

You could try putting in some code in the post routine to check $_SERVER['HTTP_USER_AGENT'] and reject posts from certain values.

Some of the auto posters have specific USER_AGENTS, for instance the USER_AGENT "Forum Poster - fp.icontool.com" is a spam poster, and you can then block based on that value.

Its not 100% effective (as I guess that some posters dont set USER_AGENT) but it should help a bit...

Rob D.

[kissybissy]

can the spammers become a member and post even if we use e-mail and Admin approval? I set the registrations to work this way and until now it's working fine. All I need to do is delete the spammers from the validation list.

[krang]

Maybe the people here can collect a few steps to get rid of the bots / spamming humans. I would prefer such a point in the documentation with some stuff said in here. I'm also using IPB for a very small private forum but I get 20-50 registrations a day. Some of them get through the user validation (-> humans?) and sometimes I'm not sure to approve one because some usernames/IPs/email-addresses I'm not sure of where they come from.

What about this DNStuff banned IPs? should I enter them all at first?

Would be really nice if somebody does a guideline to handle spammers...

[wimpie]

i installed the advanced captcha modification from ipsbeyond, so far no new bots registered.
http://www.ipsbeyond.com/forums/index.php?...mp;showfile=595
fingers crossed it keeps that way

[theclub]

What about this DNStuff banned IPs? should I enter them all at first?

The DNS Stuff information is just a reference, you don't want to be entering that lot, there's 2600 of them, and they are only the ones banned by DNS Stuff, there will be many other lists.

:thumbsup:

[Strange_Will]

Wow. Also, that page proves that you REALLY need to block all .ru and cashette.com addresses from registering at your forum - apparently that XRumer spam program (oh sorry, the developer says that spam is defined as unsolicited email which it doesn't do - it's a perfectly legal autosubmitter application!) will autoregister email accounts on mail.ru and stuff to validate registrations.

I wonder how he would like to be tapped with a lawsuit for a few million unsolicited spams?

[kissybissy]

Maybe the people here can collect a few steps to get rid of the bots / spamming humans. I would prefer such a point in the documentation with some stuff said in here. I'm also using IPB for a very small private forum but I get 20-50 registrations a day. Some of them get through the user validation (-> humans?) and sometimes I'm not sure to approve one because some usernames/IPs/email-addresses I'm not sure of where they come from.

how come they are able to post without having their account approved?

[krang]

I entered some of the IPs from DNStuff and some of the well known eMail-Addies like gawab.com and stuff.

Does this work with an entry in the banned-email-field looking like "*@gawab.com" ?

[Drizt]

Make a primary group that is on permanent moderation, promote them to Members when they reach a certain post count. You can always override this if you're sure they're genuine. You can also add Admin approval and check their IPs against this list ...

http://www.dnsstuff.com/tools/banned.ch

:thumbsup:

Hi i have tried to implement something very similar, but alas I have hit a stumbling block.

Can someone tell me how to change the default user group? When a user signs up they default to the 'Members' Group, but I would like to change this to my custom group.

If someone could explain it (simply, very new to forum administration) it would be greatly appreciated.

Cheers

[.KX]

Isn't it...conf_global.php?

There is a var. in that file which defines the default member group.

[Drizt]

Isn't it...conf_global.php?

There is a var. in that file which defines the default member group.

Possibly, Ill have a look when I get a chance, and report back.

Edit: Thanks heaps for the suggestion, cheers.

[theclub]

Sorry, I should have mentioned conf_global.

One thing to be careful of ... conf_global should be read only, if you change the permission to edit it, make sure you return it to read only again.


:thumbsup:

[haroldocou]

Hi, I'm new here, (I am an admin at dozleng.com) but I found it a little ironic that I was able to read this thread without registering. If I was able to read this, I imagine it wouldn't be too difficult for a spammer to do the same. Shouldn't a discussion such as this be kept private?

[Strange_Will]

Hi, I'm new here, (I am an admin at dozleng.com) but I found it a little ironic that I was able to read this thread without registering. If I was able to read this, I imagine it wouldn't be too difficult for a spammer to do the same. Shouldn't a discussion such as this be kept private?

A spammer can sign up anyway... and not like we're giving away any mysterious secrets. :P

[vincentvoois]

I found the custom profile field to be very effective.
Yes it adds unwanted data, but it is more effective than the captcha solution. (i turned the captcha module actually off, because its redundant overhead for true users that want to register)
The user has to insert a specific word that can be found somewhere on a referred webpage. A spambot cannot do this.
If only there was a possibility to add a custom validation field that requires this question (meaning the answer does not go to the profile database of the user) this would create the best solution.

The only problem with the required profile field i have is that some words aren't recognised and it seems to aim that you have to define only the type of field that you are adding. I rather have a radiobutton that defines the type (numeric / alpha numeric or general) and a matching word if an exact match is required.

[.KX]

Have 3 radio buttons like so:-

- Ph34r.
- Pwnz0R
- k1ck 455

Then have a question like:-

Select the word "Fear" from the above l337 text.

:mellow:

[Drizt]

Isn't it...conf_global.php?

There is a var. in that file which defines the default member group.

Thank you very much, that worked a treat.

Cheers

[AlphaOmega25]

Wow. Also, that page proves that you REALLY need to block all .ru and cashette.com addresses from registering at your forum - apparently that XRumer spam program (oh sorry, the developer says that spam is defined as unsolicited email which it doesn't do - it's a perfectly legal autosubmitter application!) will autoregister email accounts on mail.ru and stuff to validate registrations.

I looked at their website. I truly feel sorry for ppl that wate $400 for their software. They tell people it's legal so long as their posts do not contain, "...provoking racial hatred or anything prohibited by the law." Well, that is only true for "discrimination", however, that has nothing to do with spamming. In my opinion, if you use that software for it's purpose, it is illegal. It boasts on their site, "...software works around EVERY possible type of protection from automatic registration..." Last time I checked, that's called "Unauthorized access to a computer network", which is a federal and state crime. The site states that the intent of the program is to circumvent security measures to post on forums.

Even though they have a .ru address and their information is in Russia, their hosting is US-based:

botmaster.net (65.39.251.37) (Peer1 Networks, New York)
ns02.botmaster.ru (216.195.53.12) ns01.botmaster.ru (216.195.49.207) [APS Telcom, Portland, OR]

I can understand a company that sells "hacking" tools so you can do security audits for ppl or yourself. Unfortunately, though, this company does not advertise as security. They boast about being able to use their software to post your message anywhere u want. The worst part is they are actually trying to convince people that using their software is not illegal. And why wouldn't they? They are charging about $400/license.

[Strange_Will]

How about we track down all spammers point of origin, and sue them for every spam post under a breach of security?

Easy money for webmasters ;)

[forums.bd]

Have 3 radio buttons like so:-

- Ph34r.

- Pwnz0R

- k1ck 455

Then have a question like:-

:mellow:

perhaps if Radio button option was available, this would be a good idea.
you can only do text box or drop down with ipb, no radio.

[theclub]

perhaps if Radio button option was available, this would be a good idea.

you can only do text box or drop down with ipb, no radio.

I've tried to get an answer to this but to no avail.

A few people have suggested question and answer fields, but no-one has said how to do it, and using the custom profile fields setup as it is, it can't be done.

So all you who have put these ideas up, how about telling us how it's done?

:unsure:

[forums.bd]

i didnt' experiment with this one but try setting up a custom required at registration NUMBER field.
just ask the user to enter any number.

dunno what spam bots will enter but i guess if spam bots can't place a number in the field, registration won't be complete.
then allow user email validation.