Posted: Sun Mar 30, 2008 8:52 am
by Davacardo
Holger wrote:
> We'll always have to try to be quicker and more clever than the spammers... :-/

Times like this I wish I could delete posts or something so I could help.
Maybe a filter could be implemented that blocks explicit language?

Posted: Sun Mar 30, 2008 2:37 pm
by Holger
> Times like this I wish I could delete posts or something so I could help.

I have written a little shell/SQL script that automatically wipes out all posts of a given user, so it's very easy now to mass-delete posts by spam users. (No idea why this isn't already in phpBB, like a checkbox "[x] delete all posts by this user" when deleting a user account.)

> Maybe a filter could be implemented that blocks explicit language?

There is such a thing in phpBB, but it only changes pre-defined explicit words into more harmless words. I thought this is useless, therefore I (mis)used it for the well-known level sketch feature in this forum. ;-)

But it wouldn't help against explicit images and links to the advertised sites.

As I'm quite convinced that we are dealing with manual spammers here, I finally activated the "account activation" feature in phpBB, which requires each newly registered user account to be activated by the forum administrator before the new user can post into the forum. I do not like this, as new users cannot instantly post with this configuration setting, but it should finally help here.

If the spammers have lost interest in this forum, I might configure it back to the previous, less restrictive (but more spam-friendly) setting...

If we still get spam now, then there must be a security problem with the latest version of phpBB2. In this case, I might be forced to consider upgrading to phpBB3 (which I don't want to do, because I then would have to port at least the level sketch stuff to phpBB3, too, and maybe also the KittenAuth stuff).

Let's see what happens the next few days. (At least the spammers brought some life (well, sort of) into this currently very quiet forum... ;-) ;-) )

Posted: Sun Mar 30, 2008 7:43 pm
by Holger
> If we still get spam now, then there must be a security problem with the
> latest version of phpBB2.

Just got a "New user account" activation request mail for a user called "Gladys_Mensercdbc" (a name that fits perfectly into the scheme of past spam users here), together with a Google mail account that looks similarly "throw-away mailbox" style as those of the previous spam user accounts.

Very good. This means that there's no security hole where the spammers got through, but they used the usual registration page. As I'm 99,9% sure that there is no spam bot specifically tailored for the R'n'D KittenAuth system, these were all manual spammers (at least for creating the accounts, while probably not for posting the spam posts).

Just deleted that user. If the spammers have enough time to waste to read this, they will probably continue with a new naming scheme. If they do, I will be forced to contact them by mail before activating their account (to try to see if it's a spammer or not), which means that they would have to answer mails in their throw-away mail accounts. I doubt that they would do that.

Hope that these ugly folks will give up on this forum now... ;-D

Posted: Sun Mar 30, 2008 10:48 pm
by Daniel H.
Holger wrote:
> I have written a little shell/SQL script that automatically wipes out all posts of a given user, so it's very easy now to mass-delete posts by spam users. (No idea why this isn't already in phpBB, like a checkbox "[x] delete all posts by this user" when deleting a user account.)

FYI-- when deleting a user in phpBB3, you get an option of "Retain posts" or "Delete posts." (But that would require an upgrade...)

Posted: Sun Mar 30, 2008 11:13 pm
by Holger
> FYI-- when deleting a user in phpBB3, you get an option of "Retain posts"
> or "Delete posts." (But that would require an upgrade...)

Very useful! Just wondered why this wasn't already in phpBB2...

Yes, an upgrade to phpBB3 would make it even easier then (but would also require porting the level sketch and KittenAuth features to phpBB3, so I want to stay with phpBB2 for now). For now, the spam users cannot register and start posting immediately anyway...

Just deleted another two newly registered spam users -- if they keep on registering, it might indeed be possible that they register automatically, despite KittenAuth, which I still can't imagine. Again, I'm curious what might happen...

Posted: Mon Mar 31, 2008 8:46 am
by Davacardo
Holger wrote:
> Just deleted another two newly registered spam users -- if they keep on registering, it might indeed be possible that they register automatically, despite KittenAuth, which I still can't imagine. Again, I'm curious what might happen...

Score one for the anti-spammers! Let them know that we will not have their spam in this forum.

Posted: Wed Apr 02, 2008 11:26 am
by Sascha
*sigh* If there were just no spammers life would be a lot easier...

Posted: Wed Apr 02, 2008 7:03 pm
by RTADash
Sascha wrote:
> *sigh* If there were just no spammers life would be a lot easier...

Cheers to that :)

Posted: Sat Apr 05, 2008 4:24 am
by RTADash
Ahh, it warms my heart to see that the spammers can't post even after they register manually - Holger definitely made a good move there! :D

Posted: Tue Apr 08, 2008 3:04 am
by Grunt002
I was just wondering the other day (actually a minute ago), are there ever new users registering regularly?
If not, would a manual account activation by an admin work out here?

Posted: Sun Apr 20, 2008 6:52 am
by Holger
> I was just wondering the other day (actually a minute ago), are there ever
> new users registering regularly?

Yes!

> If not, would a manual account activation by an admin work out here?

That's what we're doing here -- spammers are deleted (and can't post anymore even if they registered), and normal, new users are activated.

It may be possible that the forum will be opened again for registering without admin activation in the future -- I have tracked down the patterns that the spammers use. I'd better not tell publicly here what exactly I did, but as you may have noticed, there are practically no new spam registrations in the forum anymore, because I am now able to detect the spam registrations by typical patterns they use and not let them register at all (but instead send out a mail to me to inform me of that failed spam registration attempt).

Those manual spammers try to register around once per hour, regardless of whether it fails or not! And there are indeed indications that they are human beings and not a spam bot -- apparently there are "human spam farms" with people solving captchas to register spam users in forums and other web services. No joke! :-o

Unless they change the "pattern" I use to detect them (they probably *will* some day), there won't be many new spam users here for now. Let's see how long it lasts... ;-) :-/