IP2.3.6 spambots


Guest rbiss

Posted

I am looking forward to IP.Board 2.3.7

- Add reCAPTCHA for PM. If a new member has more than 10 posts, for example, reCAPTCHA (for PM) is automatically removed.
- Prevent the mail server getting flooded (queue) by PM spam
- PM Flood Control

I got an email from web hosting provider recently:

I believe the user account 'musbase' on the forums is sending out PM spam to members as there's a large number of e-mails in the mail queue from him - can you suspend/remove his account?



We need a feature to prevent the mail server getting bombed by PM spam.

Posted

Awesome, my forum got hit right as I was reading this. User 'muzrinkl'.

This is the third time the site has been massively PM spammed, the first one managed to hit all 40,000 + members. Now I have members asking for their accounts to be deleted. <_<

Posted

Awesome, my forum got hit right as I was reading this. User 'muzrinkl'.



This is the third time the site has been massively PM spammed, the first one managed to hit all 40,000 + members. Now I have members asking for their accounts to be deleted. <_<




I know how you feel about members asking for their account to be removed.

Also all the out of office messages and "why can I not access my PM box", also old members who have forgotten their password and then get problems... absolute nightmare.

I removed offending PMs to protect members
Posted

According to exim logs, over 19000 out of the nearly 40000 users I have, have received a spam message by a bot (obviously) in the very early morning, probably the PM's were sent according to the user id (ascending).
My users are everything but pleased about this, the info@ email box is staged with people complaining about the PM, asking for their account to be deleted (or to have their username and password reset so that they can read the PM, but..). Being a computer help forum, this is far, far from looking professional, being unable to prevent such situations.

They (my users) are not alone with this feeling, for now (call it 2.3.6 PL1 w/e), simply adding reCAPTCHA to the bottom of each PM page would be fine for me. As our box is already at its limits, I can't afford to create a separate usergroup and work with promotions for members with more than x posts due to obvious reasons.
Invisionize, take care of this, and take care of this asap, this is anything but a minor issue.

Posted

I personally doubt anything can be done about this. Every fix IPS puts out will knock them out for a little while until the bots are re-coded for the new security. Best security measure for your forums: mess with the registration system a bit. Make custom fields the bots won't recognize. If you really are skilled at coding, you could change the HTTP variables sent at registration so the bots use the wrong variable names. Most things that make the registration at your site different from the registration at the average IPB site will deter plain bots.

Posted

God dang. It does crash your email stuff. I got suspended from my email portion of my server, due to sending out more than 500 emails within 30 minutes.

Posted

God dang. It does crash your email stuff. I got suspended from my email portion of my server, due to sending out more than 500 emails within 30 minutes.





Like I said in another post. This is causing financial losses for people. I hope IPB can put on hold IPB 3.0 work for a few days to address this. This is causing server load spikes, banned shared hosting accounts, loss of membership, loss of money for web sites. We need a patch to require captcha for new posts and / or flood control for PMs.
Posted

This guy sent almost 10,000 PM's to my members. Unfortunately I DELETED his account. I have his member number, however his account no longer exists. Can I still run a sql command to delete all of the PM's he sent?

Posted

This guy sent almost 10,000 PM's to my members. Unfortunately I DELETED his account. I have his member number, however his account no longer exists. Can I still run a sql command to delete all of the PM's he sent?



The SQL query given in the knowledge base only requires the member's ID; that will still work even if you deleted his actual account.
Posted

Thanks for the patch. It was interesting how last night I was told by support that it wasn't a major issue and a patch wasn't likely, but 24 hours later the issue is being taken more seriously. Thanks for taking action on this eventually - it is vital that Invision doesn't fall foul of spammers. Just like others have reported my forum was damaged by a scammer joining in the exact same way, sending multiple messages which triggered huge numbers of notification e-mails.

I've now patched the forum and lessened the restrictions, but I'm still very concerned about the whole issue.

Posted

The same person also registered on my forums. :o I'm surprised the PM system doesn't have a flood control. I think I even requested this a while back but few were interested.

Does the patch work with versions prior to 2.3.6?

Posted

Thanks for the patch.

I felt the patch could have done better but better than nothing. If a spammer sent 10 member PM less than x minutes then flood control is set and also captcha (for spammer).

What if trusted members chat a lot with other members, so they have to wait x minutes for each reply? It is a bit irritating.
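
The controls asked for in the opening post (CAPTCHA for low-post-count accounts, PM flood control, a bounded mail queue) and the trade-off raised in the post above can be combined in one check. The sketch below is an added example, not part of any post and not the IPS patch; the class, function names, the window length and the e-mail cap are assumptions, and only the two "10" thresholds come from the thread.

```python
from collections import defaultdict, deque

# Thresholds: the two "10" figures come from the thread; the rest are assumed.
NEW_MEMBER_MAX_POSTS = 10    # at or below this post count a CAPTCHA is required
MAX_PMS_PER_WINDOW = 10      # recipients one sender may message per window
WINDOW_SECONDS = 600         # assumed value for the thread's "x minutes"
MAX_NOTIFY_PER_WINDOW = 50   # assumed board-wide cap on PM notification e-mails


class PMFloodControl:
    def __init__(self):
        self._sent = defaultdict(deque)  # sender id -> one timestamp per recipient
        self._mails = deque()            # one timestamp per notification e-mail

    @staticmethod
    def _expire(queue, now):
        while queue and now - queue[0] >= WINDOW_SECONDS:
            queue.popleft()

    def check(self, sender_id, post_count, n_recipients, now, captcha_ok=False):
        """Return (decision, notification e-mails to send) for one PM."""
        sent = self._sent[sender_id]
        self._expire(sent, now)
        self._expire(self._mails, now)
        # The per-sender budget counts recipients, so mass PMs trip it quickly
        # while an ordinary conversation stays well under it and never waits.
        if len(sent) + n_recipients > MAX_PMS_PER_WINDOW:
            return ("flood", 0)
        if post_count <= NEW_MEMBER_MAX_POSTS and not captcha_ok:
            return ("captcha", 0)
        sent.extend([now] * n_recipients)
        # The PM still lands in the inbox; only the e-mail notice is capped,
        # which keeps the mail queue bounded even if an account slips through.
        mails = max(0, min(n_recipients, MAX_NOTIFY_PER_WINDOW - len(self._mails)))
        self._mails.extend([now] * mails)
        return ("ok", mails)


def demo():
    """Constructed sequence: a new account, then an established member chatting."""
    fc = PMFloodControl()
    return [
        fc.check(1, 0, 1, now=0),                     # new account, no CAPTCHA
        fc.check(1, 0, 10, now=0, captcha_ok=True),   # uses the whole budget
        fc.check(1, 0, 1, now=60, captcha_ok=True),   # 11th recipient: blocked
        fc.check(1, 0, 1, now=600, captcha_ok=True),  # window has expired
        fc.check(2, 500, 1, now=601),                 # established member
        fc.check(2, 500, 1, now=602),                 # replies at once, no wait
    ]
```

Because the e-mail cap is board-wide rather than per sender, it also limits the damage when several throwaway accounts are used at once.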

  • Management
Posted

We have more in mind for 3.0.0 but we wanted to keep this update very simple. Adding per-group options would mean more fields to the group table and adding captcha would mean template edits and such.

This solution will stop the issue that's been reported.

Posted

I realize that my complaint is for Invision Hosting, but since it's the same darned company:

I understand the need for Invision to get ahead of this PM spam problem, but the manner in which they decided to implement this is unconscionable. Disabling the PM systems on all hosted boards until they can be patched is one thing, but then NOT MAKING ANY ATTEMPT TO INFORM THE BOARD OWNERS THAT THIS HAD BEEN DONE is absofrickinglutely unforgivable!

Since the only way anyone would know that PMs have been shut down is to access the PM system, if a board owner/admin didn't happen to send or receive a PM this morning (as I did not) they had no way of knowing that this was going on!

It wasn't until I started getting unhappy complaints (via email and posted on the board) that I knew anything was going on.

Sure, there was an email yesterday that recommended that you patch your board, but there was NOTHING WHATSOEVER in there about a deadline or that board PM systems would be disabled within 24 hours if not patched.

C'mon, what is this, a Keystone Cops routine? Be a little proactive in your communication!

Archived

This topic is now archived and is closed to further replies.
