Need a spam filter and antispam filter or some sort?

Previous topic - Next topic

spacefractal

Im have recently uses too much of my time to delete various spam as well im got report for every spam post, which gonna to been quite very annoying. Here is why im changed the email adress recently, because being to been too much.

Today im deleted over 30 spam post from the same user (banned on ip-number).

We need to do something with that. Etc adding a anti filter, or much easier metod to delete all post at once from a spam user, which is impossible.

PS. We should delete all users that have none post, because most of them is spammers (not all). But im dont have time to doing that they, or possible to do that.
Genius.Greedy Mouse - Karma Miwa - Spot Race - CatchOut - PowerUp Elevation - The beagle Jam - Cave Heroes 2023 - https://spacefractal.itch.io/

spacefractal

also im might have accidently deleted a none spam post, due that user (gbal v2?). Im do cant bring it back. sorry. Its was a post from 2009 throught.
Genius.Greedy Mouse - Karma Miwa - Spot Race - CatchOut - PowerUp Elevation - The beagle Jam - Cave Heroes 2023 - https://spacefractal.itch.io/

msx

It can be deleted by doing a query from PHP-MyAdmin but I do not know how to structure the SMF forum and could be worse the remedy than the disease.

An antispam MOD like this could be installed https://www.stopforumspam.com/mods#link_smf

r0ber7

More strict registration (re-Captcha maybe?) could help.

Moru

We have two spamblockers that block *a lot* of spam already. You should see how it looks without them... Thousands of users every day. This month has been more because I haven't been around taking care of the reporting of new ip-numbers since I was on vacation. Recaptcha does not really work because people get payed to register accounts and spam. Nothing beats real people... All we can do is keep banning on IP-number (make sure you ban them with Stop Forum Spam so they get banned globally, not just on GLBasic.com)

spacefractal

#5
I'm still delete quite a part and get reported emails (mostly them I'm got tired of).

Mostly it's none English spam I'm seen today (example in Greek me thinks). For few days ago im saw about 20 new spam users with same 4 letters to start from.

I'm have not seen spam global forum in my admin?
Genius.Greedy Mouse - Karma Miwa - Spot Race - CatchOut - PowerUp Elevation - The beagle Jam - Cave Heroes 2023 - https://spacefractal.itch.io/

bigsofty

I've noticed that a lot of spammers use auto generated names but use the same signature, usually a spam website link, maybe there's a filter that can collate and ban via the signatures.

Most of these are bots tuned to certain forum code, maybe some small alterations(tag names etc.) to the registration/thread creation code could confuse them too?

Even a post captcha, something unobtrusive, like a random sum (3+7=?) should be enough to confuse 99% of bots.
Cheers,

Ian.

"It is practically impossible to teach good programming style to students that have had prior exposure to BASIC.  As potential programmers, they are mentally mutilated beyond hope of regeneration."
(E. W. Dijkstra)

Moru

We have tried all those things, it's all broken already. Only thing that works is the "Bad behaviour" mod and the "Stop Forum Spam" thing that keeps global records of ip-numbers, usernames and email adresses. Now and then there is a new ip block that gets through but usually gets banned within a few hours. I don't think everyone can access the global banning function though.

Blocking links in the signature should really be a function in the forum software, it's the easiest way of blocking the main reason they create users. Noone will notice them if they don't post anything but the link still exists on the homepage so google can find it. But we haven't found such a setting yet unfortunately.


Moru

Oh, and 3+7=? (or even 3 plús 7) doesn't work since the ones getting through is often real humans working as account-creators in some office. There is even homepages that display the captcha from a totally different page to users. They are defeating the captcha of another page to be able to access a porn page for example.

spacefractal

most spam im have seen is in a language we dosent use, or its a porn spam. None of them activity for glbasic at all.

Captcha is bad and dosent work. howover a math captcha dosent work at all either.

howover we could ask something "favorit language" or something like that.

So the register page need to been changed to something different. Also Captcha could used for asking for the same thing as did in the register for the first 5 posts.... (if possible to find a mod like that).

Genius.Greedy Mouse - Karma Miwa - Spot Race - CatchOut - PowerUp Elevation - The beagle Jam - Cave Heroes 2023 - https://spacefractal.itch.io/

MrPlow

No sure but what I did in past for another forum was...

Edit the forum source code and remove the default link to signup and rename the signup register file to something like 4547878273.php

Then use a javascript encoded link of some kind to allow users to click on link.

This helps avoid Bot signups.
Comp:
Speccy-48k, Speccy-128k, Amigas, PCs

msx

You can implement activation by email.

Moru

Quote from: msx on 2017-Mar-15
You can implement activation by email.

We have that already, there is about 1 or two per week that does *not* manage to get past this stage, the rest has no problems getting past it. Activation by email is easy enough to automate.

Editing forum code makes problem when updating.

msx

All this happens because it is a forum with success  :D

bigsofty

Quote from: Moru on 2017-Mar-15
Oh, and 3+7=? (or even 3 plús 7) doesn't work since the ones getting through is often real humans working as account-creators in some office. There is even homepages that display the captcha from a totally different page to users. They are defeating the captcha of another page to be able to access a porn page for example.

English is not usually their 1st language, you can use that against them too. E.g. Random questions "What is GLBS creators 1st name?" or the more usual "name that picture". Basically mix it up.

And don't ban by IP only, any cheap dynamic Pi will get around that. Use lookupIP to find there internet provider and ban that providers domain ip range, as long as it's reasonably obscure. Provide a link on the main page to email an unban request.

Use the SMF beta anti-spammers plugins, usually the spammers don't keep up with the latest code.

BTW I used to run a gaming clan website for years with PHPBB forum, PHPBB attracts spammers like flies to sh*t  :S so I've plenty of experience with spammers.
Cheers,

Ian.

"It is practically impossible to teach good programming style to students that have had prior exposure to BASIC.  As potential programmers, they are mentally mutilated beyond hope of regeneration."
(E. W. Dijkstra)