Jump to content
Charles
 Share


Spam Service Update

On 13 January 2011 we posted some information on our Spam Monitoring Service that was helping to block the huge amount of spam accounts hitting communities all over the web.

There's not much new to report - spam will always exist unfortunately - but we thought everyone would be interested to know that we were recently able to block huge ranges of attacking IP addresses.

IPS has a hosting division that provides managed community hosting for many thousands of communities. We host everyone from small, hobby sites to large enterprise clients with thousands of online users. We manage our own network and hardware to have the best possible control over the experience we can offer our clients.

We have been able to leverage our hosted network of thousands of communities to detect the signatures that the spammers were using to get past the various defenses in IP.Board. The spammers were using automated software to, for lack of a better term, brute-force their way past the reCAPTCHA service and this program left clear marks in our server logs because of the unique way it accessed the servers. Our network staff were able to, across our dozens of servers, gather up all the IP addresses used to register spam accounts and add those to the block-list on the Spam Monitoring Service.

While this is not a complete solution we were very happy to be able to detect these trends and block those spammers at the service level so the knowledge we gained from our own network could be applied to help all those with an active IP.Board license.

Fighting spam is an ongoing battle of course but we will continue to do our best to help blocking those who would try to disrupt your community. The better your community runs the better IPS grows and we take our responsibility to your community seriously.

 Share

Comments

Recommended Comments

Great job,

I wonder if the spamservice also has a function to block reply's made by guests? Especially as a few of them got though it and went into the moderation queue. Other than that I have had no issues with spammers at all :lol:

Link to comment
Share on other sites

Overall this service is very useful. However, I have come across a few false positives recently, most notably when a web proxy of a major Singaporean ISP got blacklisted by the spam service. Is there a process for submitting such false positives for removal?

Link to comment
Share on other sites

[quote name='insectdude' timestamp='1297288960']
Overall this service is very useful. However, I have come across a few false positives recently, most notably when a web proxy of a major Singaporean ISP got blacklisted by the spam service. Is there a process for submitting such false positives for removal?


Submit a ticket if you get any false positives. We can then remove them and look into what happened.

Link to comment
Share on other sites

The one place I've still been having huge problems is guest posting. I normally like to allow guests to post but have had to turn guest posting off due to getting slammed by spam. If an additional Q&A check could be added for guest posting it would really help a lot.

Link to comment
Share on other sites

Personally, I wouldn't mind seeing them create an API to tie into WHM or some such to feed a list of black list's against apache which would just stop it there (or CSF) by adding an authorized IP into the client center.. Huge amount of work, but would would have potential to create a much more solid enterprise experience

Link to comment
Share on other sites

[quote name='Robulosity2' timestamp='1297314490']
Personally, I wouldn't mind seeing them create an API to tie into WHM or some such to feed a list of black list's against apache which would just stop it there (or CSF) by adding an authorized IP into the client center.. Huge amount of work, but would would have potential to create a much more solid enterprise experience


The problem is, the sheer quantity of IP addresses that would be added to CSF would slow your server to a crawl, as it has to check every incoming and outgoing packet against all of it's ruleset.

We did block, across our entire network, the IP addresses mentioned in this blog entry, but we couldn't do it for every one in the spam service.

Link to comment
Share on other sites

With that being said, it might be possible that we could put together a script that performs the same checks we did, and reports them back to us for analysis.

Link to comment
Share on other sites

Thanks! It really is a great service! Just bought my 3rd license of IPB and one of the main reasons I am building a new community with IPB is your spam monitoring, in addition to the performance of the script on my other 2 sites.

Link to comment
Share on other sites



Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Add a comment...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...

×
×
  • Create New...