Jump to content

AutoIt Anti-Spam


AutoItScript
 Share

Recommended Posts

Having been under heavy spam attack recently the plugin I was previously using had a few bugs and I needed some more options so this is the result.

Features

  • Performs various checks during user sign-up to prevent spammers
  • Checks the Stop Forum Spam service and uses the "confidence" part of the API to reduce false positives
  • Checks the Project Honeypot service with a configurable threat level (API key required)
  • Checks one or more standard DNS Block Lists (DNSBL) such as xbl.spamhaus.org
  • Checks a built-in list of hundreds of disposable email providers so that you don't need to add separate Ban Filters in the ACP
  • Logs actions to the built-in IPS Spam Service Logs (different response codes are used for Stop Forum Spam, PH, Email so you can see which service triggered an action)

This is what I use on my own forum, so suggestions for improvements are welcome. 

The disposable email list is just a built in list of a few hundred hosts I found at the moment. I'm not sure the best way of making this list configurable/updated. I found some services on the web but they aren't free and I'm not really interested in non-free services for this plugin unless there is demand.

Edited by AutoItScript
Link to comment
Share on other sites

I'm still getting a fair bit of Korean spam which is being created by users who aren't on any of IPS/StopForumSpam/http:BL lists. I'm testing a feature where a regular expression can be applied to post titles and content. If it matches the post is automatically flagged for moderator approval. This means that the forum will still look clean for users and moderators can then clean it up easily with the Flag As Spammer tool. I'm testing the changes on my forum at the moment - I'll update the plugin on Marketplace after testing looks ok.

Link to comment
Share on other sites

Generally sounds like a great plugin, once i got time i will look into it.

And i like that you told the truth about the remaining spam, i think thats pretty interesting how you want to achieve this with a regex. Could you give more information how you plan to integrate it?

Is it some kind of irony that your forum name is 'Spam Happy'? :unsure:

Link to comment
Share on other sites

Spam Happy is an automatic IPS rank I think, I've not got around to changing it yet :)

No point not being honest about the functionality - I'm not trying to sell anything. I'm not interested at all in writing plugins/code for IPS 4 but I'm just finding it a necessity at the moment to make things work how I/my community want. And I'm geeky enough to enjoy the challenge so it's not all bad :) 

 We've had up to 40 of these korean spammers per day each creating up to 10 topics each. It looks terrible until the moderators clean up. So I'm trying all kinds of things to balance ease-of-registration but preventing spam.

Here's a screenshot of the new feature as it stands:

regex.thumb.png.d3c7ba8258b1f533e0343752

The php regex I'm testing at the moment is '~\p{Hangul}|\p{Han}|\p{Cyrillic}~u' which flags any Russian/Chinese/Korean. At that point the user has already registered so I'm then flagging the matching topic/post and switching it to moderator approval and the moderators receive a notification. So users never even see it. If the post is legitimate then it can just be approved. Otherwise I'm clicking Flag As Spammer which deletes all the content and bans the users (that's how I have it setup).

Here is a screenshot of my forum right now after I've had it running for a while.

result.thumb.png.65aaa8e03cb039c11a1e573

 

Link to comment
Share on other sites

Okay, thats pretty interesting.

You only need to maek sure to people who actually have this languages, that they dont use the plugin or disable at least the regex :tongue:

I like free plugins, because i like to browser through things and how they are solved. Im not interested into using them :smile:

How does it come that the IPB Spam service isnt gripping into that? I'm not sure, but that kind of spam should be detected, a new member with 4 posts+ within 7 minutes. Thats basically always spam and should be at least flagged.
However in the screenshots you could also simply match the display name :lol:

Well i thought its the automated name, but the irony in that is still funny :smile:

Nice work, keep it up :thumbsup:

Link to comment
Share on other sites

The IPS service (or StopForumSpam/http:bl) seems to be missing 99% of these spammers. If you do a google for korean spammers you'll see that they've been a plague this year with many big forums have 10/20 pages of spam on the front pages. They seems to be highliy sophisticated and using new accounts/IPs all the time. When I click Flag As Spammer it will tell the IPS service about this particular email address so someone on a less busy board may benefit.

Link to comment
Share on other sites

Finished testing the new version and I've had my first Korean-spam free day today :) 

v1.0.2 uploaded to marketplace.

  • Added option to check IP addresses during registration and take action based on the country of origin
  • Added option to require moderator approval for posts and topics based on a regular expression check of the content. Users with already approved content can be excluded.
  • In addition to deny/allow/admin approve registrations you can also flag the new member to require moderator approval for new content

 

regexp.thumb.png.6c3119312393e77ac002a0f

country.thumb.png.2286417a044c18dcd476ba

Link to comment
Share on other sites

So when you have this country check. what will the user see that registrate from a country that's not allowed?
Will they get a error message with some explanation? that will be userfriendly if GEO has it wrong, or someone with your language access the forum from a other country.

Nice tool by the way :)

Link to comment
Share on other sites

It depends on the action you set:

- Deny: They get the same message as the IPS Spam Service which is something like "You are not allowed to register" with a link to the Contact Us form.

- Allow with admin approval: They get a message saying that they will receive an email message to validate once admin has approved the account

- Moderate: They register as normal, but when they go to post they will be in the moderator queue.

I've actually set my forum up so that it just lets them register anyway but they are placed on moderation. Less trouble for the user (if they are a real user) than getting totally blocked from registration and still easy to clearup or see from the first post if they are a spammer.

Link to comment
Share on other sites

It depends on the action you set:

- Deny: They get the same message as the IPS Spam Service which is something like "You are not allowed to register" with a link to the Contact Us form.

- Allow with admin approval: They get a message saying that they will receive an email message to validate once admin has approved the account

- Moderate: They register as normal, but when they go to post they will be in the moderator queue.

I've actually set my forum up so that it just lets them register anyway but they are placed on moderation. Less trouble for the user (if they are a real user) than getting totally blocked from registration and still easy to clearup or see from the first post if they are a spammer.

aaah great! :)

i just test the disposable but 10 minute mail still works.

Is there maybe a way to add more domains?

Edited by PANL
Link to comment
Share on other sites

  • 2 weeks later...
  • 3 months later...

Appreciate the work put into this--while I know it's something you built for your own site, I was wondering if you've tested recently with the latest version of IPS4. Particularly interested in the keyword blocker. Ran a few test posts with a few expressions (including your language blocks) and the offending post generates an EX2 error code. Funny thing is, the post still makes it through unmoderated, but does not trigger a notification email. 

Link to comment
Share on other sites

  • 3 weeks later...
On 22 December 2015 at 6:16 AM, gbarry said:

Appreciate the work put into this--while I know it's something you built for your own site, I was wondering if you've tested recently with the latest version of IPS4. Particularly interested in the keyword blocker. Ran a few test posts with a few expressions (including your language blocks) and the offending post generates an EX2 error code. Funny thing is, the post still makes it through unmoderated, but does not trigger a notification email. 

I just upgraded my dev site to 4.1.6.1 and as far as I can tell everything is looking ok. I looked at the code changes and there doesn't seem to be anything that should have changed. Is anyone else able to replicate this?

Edit: Nah, something is a bit screwy, I'll have to investigate more.

Edit2: Actually the bug I saw was nothing to do with the plugin, some sort of advanced search error that happens even without the plugin. 

 

 

Edited by AutoItScript
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...