Jump to content
bfarber
 Share


Spam Service Updates

Our proprietary Spam Service which was launched in 2009 has been a very popular feature for IP.Board license holders. This service (which is included at no additional cost for all active license holders) is queried during account registration on your IP.Board installation and will respond to the query with a flag to indicate the likelihood that the registration might be a spammer. You can control how your site should react to the various responses the service may return in the admin control panel, and combined with other anti-spam tools in IP.Board you can help prevent spam registrations from occurring on your site.

While the system is constantly "learning" and blocking new spam signups, we have performed some updates to the service recently that we feel will help the system respond even quicker and more reliably to spam account registrations.


First, Some Stats

For those interested, we have some interesting statistics to share with you.

To date, the spam service has responded to over 58 million requests! The service has responded to almost 163,000 requests in the last 24 hours alone, and the service continues to respond to between 5,000 and 10,000 more requests day over day.

A total of over 23 million user registrations have been blocked (i.e. a status code of 3 or 4 was returned by the spam service) to date. That's 23 million spammers we've helped you prevent from disrupting your community.


Quicker Responses

With the recent updates we performed, the system will more quickly respond to new spammer accounts than it did previously. It is important that the system do not treat a single report of a spammer as a permanent block on that account of course, however we identified several areas where the algorithms used could be tweaked to more quickly identify potential spammers and have performed these changes. Additionally, by use of decaying flags (treating newer reports with a higher priority than older accounts), the system can more quickly respond to new spammer threats.


Project Honeypot Integration

We have integrated our spam service with the popular Project Honeypot service. This means that all account registrations are checked through Project Honeypot, and the threat score that is returned from this service is used to help determine the likelihood of the IP address being associated with a spammer.


Stop Forum Spam Integration

In addition to integration with Project Honeypot, we have integrated the IPS Spam Service with Stop Forum Spam. Our spam service will check the Stop Forum Spam email address and IP address databases and use any information found here to help weight and score the likelihood that the registration is coming from a spammer.

It is important to note that we do not rely directly on the Stop Forum Spam data to determine a spammer status, but are instead using the data from this service to help weight the overall score based on all of the flags we have available.


Enterprise Spam Mitigation

If you are in a load balanced or cloud environment, you may wish to take advantage of this new offering which allows calls to the spam service from multiple origins using the same license key. Additionally, this service allows greater control over your spam mitigation service including weighting algorithm preferences and customized blacklists and whitelists. This addon service is available for $100/6 months. For more information, please contact our sales department.



Collectively we feel the changes we have made to the service will benefit all IPS customers who are making use of our IPS Spam Service. We hope these changes help your community fight the threat of spam more rigorously and more reliably than ever before.

 Share

Comments

Recommended Comments



When this rolls out please provide adequate documentation as to how to REMOVE existing SFS and honeypot - that is if the installer is not able to identify existence and conversion or removal.

If this is out now is what we have running duplicitous, potential conflict?

Link to comment
Share on other sites

When this rolls out please provide adequate documentation as to how to REMOVE existing SFS and honeypot - that is if the installer is not able to identify existence and conversion or removal.

If this is out now is what we have running duplicitous, potential conflict?

 

If you have the Stop Forum Spam plugin installed, I can't see it hurting your site along with the new Spam Service changes, as the Spam Service would catch the spammers before they got to the Stop Forum Spam plugin.

Link to comment
Share on other sites

I think some of you missed this important part.. it will answer the questions above. 

 

"It is important to note that we do not rely directly on the Stop Forum Spam data to determine a spammer status, but are instead using the data from this service to help weight the overall score based on all of the flags we have available."

 

So it's very likely that your other third party items are no longer needed if installed.  

Link to comment
Share on other sites

Please be aware that we do not *directly* take results from SFS and block users based on this.  We feel this is too open to the public to rely on directly.  Instead we mix in the results found from SFS and Projecty Honeypot with our own internal algorithms to help create a score that we return to your community.

 

There is no problem running the local addons you guys are speaking of, although you may find them increasingly unnecessary since we are checking them at our gateway level as well.  I would encourage you to try both with those mods enabled and disabled to find the appropriate balance for your specific community. :)  SFS addons will give you the ability to block many more registrations than our service will likely do by default, but this comes at a cost of potentially blocking legitimate users which we shy away from.

Link to comment
Share on other sites

on the SFS stuff, if answering is not a violation of TOS, I am wondering if you worked out a deal with them. I remember reading they sometimes had issues due to too many requests so was wondering how they and you worked around this as it seems this would add a lot to them.

I think this hybrid should be a very useful tool especially if we have config options available.

Link to comment
Share on other sites

Wouldn't it make more sense if the system was working based off calls to the spam service from one single DOMAIN instead of one single IP? That would easily solve the dynamic IP issues... Instead of unnecessarily charging an extra100$ for it...

Link to comment
Share on other sites

Wouldn't it make more sense if the system was working based off calls to the spam service from one single DOMAIN instead of one single IP? That would easily solve the dynamic IP issues... Instead of unnecessarily charging an extra100$ for it...

 

You can't detect from a HTTP request which domain it originates from. That's not how TCP/IP works.

Link to comment
Share on other sites

on the SFS stuff, if answering is not a violation of TOS, I am wondering if you worked out a deal with them. I remember reading they sometimes had issues due to too many requests so was wondering how they and you worked around this as it seems this would add a lot to them.

I think this hybrid should be a very useful tool especially if we have config options available.

 

We are not querying their service for every hit.  We are using their downloadable databases which we periodically reimport automatically to keep the data fresh.

 

Similarly, we are using the http::BL service from Project Honeypot to query via DNS, which doesn't result in a request to their servers for every request.

Link to comment
Share on other sites

 

We are not querying their service for every hit.  We are using their downloadable databases which we periodically reimport automatically to keep the data fresh.

 

Similarly, we are using the http::BL service from Project Honeypot to query via DNS, which doesn't result in a request to their servers for every request.

I was wondering if that was what was happening, thanks.

Link to comment
Share on other sites




Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Add a comment...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...

×
×
  • Create New...