the forum is spamming me

Anything R'n'D unrelated.

Moderators: Flumminator, Zomis

Post Reply
filbo
Posts: 647
Joined: Fri Jun 20, 2014 10:06 am

the forum is spamming me

Post by filbo »

I seem to be getting a set of 10 emails about spam posts by exterminated accounts 'GalenPi' and 'Ridgecopy', from Jan 14th, over and over. The emails actually claim to be dated Jan 14th (internal Date: header), but issue from artsoft.org last night.

Ohhh... hmmm, they're from staging dot whatever. Working on antispam scripts last night?
User avatar
Holger
Site Admin
Posts: 4073
Joined: Fri Jun 18, 2004 4:13 pm
Location: Germany
Contact:

Re: the forum is spamming me

Post by Holger »

First of all, I have to apologize for these unwanted side effects! :(

Apparently all users of the forum got these spam mails. Oh well... :-o

Yes, you're sort of right -- I had an older copy of the forum at staging.artsoft.org for some testing purposes, which did not have the effective anti-spam measures activated as the "real" forum at www.artsoft.org has. Unfortunately, spam accounts registered at that staging forum and started spamming it... :-(

I've deleted it for now. Please let me know if you should get any further spam mails. (You shouldn't, but if I should have overseen something, I would have to take further actions.)
Qufrarynai
Posts: 6
Joined: Mon Feb 25, 2019 3:03 pm

Re: the forum is spamming me

Post by Qufrarynai »

I also received a lot of letters from the forum in a few days. This is normal?
User avatar
Holger
Site Admin
Posts: 4073
Joined: Fri Jun 18, 2004 4:13 pm
Location: Germany
Contact:

Re: the forum is spamming me

Post by Holger »

Yes, it is normal that you get notification mails for new posts or topics in those sub-forums you are subscribed to.

If you go to your User Control Panel, you can unmark topics that you don't want to watch or receive notification mails about.
User avatar
Grunt002
Posts: 148
Joined: Fri Jun 18, 2004 8:35 pm
Location: Canada, eh?

Re: the forum is spamming me

Post by Grunt002 »

I got my first spam PM ever that made its way into my inbox today. I took it as a calling to check out the forums again and boy am I glad to see this place after all those years.
YOU LIKE MY SIGNATURE DON'T YOU?
User avatar
Metalmorphosis
Posts: 3
Joined: Tue Dec 16, 2008 10:16 am

Re: the forum is spamming me

Post by Metalmorphosis »

Woah, long time not seen. Well, I'm afraid I have to report something I hoped it won't be necessary, but it's getting annoying.

Since yesterday, I keep getting notifications about new PM's by a user named "Lolitanic777", subject "XEvil can break ANY Captcha!". I haven't opened any of these messages yet and I don't have any interest doing that in the near future.
User avatar
Eizzoux
Posts: 567
Joined: Wed Oct 30, 2013 5:32 am
Location: Russia
Contact:

Re: the forum is spamming me

Post by Eizzoux »

Yep, got 3 same message from same darn bot. I think forum should probably have some kind of "blocking" option to prohibit any messages from blocked user... maybe from foe, I dunno
𒈟
filbo
Posts: 647
Joined: Fri Jun 20, 2014 10:06 am

Re: the forum is spamming me

Post by filbo »

It should disallow PMs from new users (make them wait 24h at least); and no more than 2 sent-not-yet-received PMs from a new user (1st 6 months or so).

Of course any such restrictions can be worked around if they're sufficiently diligent. Create accounts 6mo in advance, attack later. Or create many accounts 24h in advance. But most aren't going to go to that sort of trouble.
User avatar
Holger
Site Admin
Posts: 4073
Joined: Fri Jun 18, 2004 4:13 pm
Location: Germany
Contact:

Re: the forum is spamming me

Post by Holger »

Sorry for all these inconveniences regarding private forum messages and posts containing just spam -- I was on vacation for the last three weeks and did not read my mails or check the forum. :-(

Apparently a few days after I was away, a whole bunch (well, several hundreds) of spam users were registered by a script, and although the spam posts created by them did not get through (I have to confirm the very first post of any newly registered user), these new users apparently can immediately start sending forum PMs to all users. :-(

I have changed this now -- users in the "new users" group" should not be able to send PMs now until they have written at least one post that was confirmend by the admin. In addition, I've limited sending PMs to only one forum user, so PMs to all forum users are not allowed anymore.

I really hate this; whenever I think the forum is finally spam-proof, they find another way to place their spam trash. :-(
User avatar
Holger
Site Admin
Posts: 4073
Joined: Fri Jun 18, 2004 4:13 pm
Location: Germany
Contact:

Re: the forum is spamming me

Post by Holger »

Oh well, it seems that I was happy too soon, as I nearly forgot the initial attack vector: The registration captcha, which asks R'n'D related questions. It does not help at all to activate new users manually it they are spam users, so they have to be blocked away directly at the registration phase. Apparently this is not the case anymore since 2019-07-25. :-(

I've added some logging to the forum to see what the results are when new users try to register to the forum. Here are some examples:

Code: Select all

Q: What is the name of the classic game that lets you push objects onto special fields to solve the level? [hermannj1]
A: puzzle [hermannj1]
SOLVED: N [hermannj1]

Q: You know the classic game that contains Murphy, zonks, infotrons, electrons and scissors -- what is the name of the Windows clone of this game that starts with "M"? [hermannj1]
A: minecraft [hermannj1]
SOLVED: N [hermannj1]

Q: R'n'D is a game in the tradition of certain classic arcade games. Enter one such game! [adexx958]
A: boulder dash [adexx958]
SOLVED: Y [adexx958]

Q: In many R'n'D style levels, there are enemies that try to kill you. Enter one such enemy!
A: bug [Autumnflide]
SOLVED: Y [Autumnflide]

Q: In many R'n'D style levels, there are enemies that try to kill you. Enter one such enemy!
A: pac man [Audreyjoype]
SOLVED: Y [Audreyjoype]

Q: What is the name of the classic game that lets you push objects onto special fields to solve the level?
A: tetris [Anthonypealk]
SOLVED: N [Anthonypealk]

Q: What is the name of the classic game that contains emeralds, bugs, spaceships, robots, bombs and dynamite? [Anthonypealk]
A:  [Anthonypealk]
SOLVED: N [Anthonypealk]

Q: In some R'n'D style levels, there are creatures that do NOT try to kill the player. Enter one such creature! [Anthonypealk]
A: pig [Anthonypealk]
SOLVED: Y [Anthonypealk]

Q: Which game element is usually needed to crack a nut in R'n'D style levels?
A:  [tomhg2]
SOLVED: N [tomhg2]

Q: In some R'n'D style levels, there are creatures that do NOT try to kill the player. Enter one such creature! [tomhg2]
A: shark [tomhg2]
SOLVED: N [tomhg2]

Q: You know the classic game that contains Murphy, zonks, infotrons, electrons and scissors -- what is the name of the Windows clone of this game that starts with "M"? [tomhg2]
A: megaplex [tomhg2]
SOLVED: Y [tomhg2]
My first thought was that the captcha answers were leaked from the database, but interestingly, there are some wrong answers like "puzzle", "minecraft", "tetris" and "shark" that let me think that the attacker might use some sort of (simple or not so simple) AI for answering the captcha questions, which would make it hard to come up with some new set of questions which would be bullet-proof against this kind of attack. :(
User avatar
Holger
Site Admin
Posts: 4073
Joined: Fri Jun 18, 2004 4:13 pm
Location: Germany
Contact:

Re: the forum is spamming me

Post by Holger »

OK, I've just changed the "spam countermeasures" when registering from "Q & A" to "reCAPTCHA" (the Google one with the "I'm not a robot" checkbox).

Let's see if this will improve things ... :-/
User avatar
Holger
Site Admin
Posts: 4073
Joined: Fri Jun 18, 2004 4:13 pm
Location: Germany
Contact:

Re: the forum is spamming me

Post by Holger »

Apparently it does not help (eight new spam user registrations since using reCAPTCHA).

Looking for a new, different solution now... :(
User avatar
Holger
Site Admin
Posts: 4073
Joined: Fri Jun 18, 2004 4:13 pm
Location: Germany
Contact:

Re: the forum is spamming me

Post by Holger »

Next try: I've removed all anti-spam questions that were answered correctly by the bot and added a new question for every question that was removed (to have an overall number of ten questions again).

Let's see if this works a bit better than the previous questions or the Google captcha...
filbo
Posts: 647
Joined: Fri Jun 20, 2014 10:06 am

Re: the forum is spamming me

Post by filbo »

Where's the '10,000 volts at 500 amps down the wire to the spam initiator' option?
User avatar
Holger
Site Admin
Posts: 4073
Joined: Fri Jun 18, 2004 4:13 pm
Location: Germany
Contact:

Re: the forum is spamming me

Post by Holger »

Where's the '10,000 volts at 500 amps down the wire to the spam initiator' option?
Yes, I'm also missing this option!! :lol:

BTW: The new anti-spam questions seem to work fine so far. Apparently the bot/script/AI is not as clever as I was afraid it might be. Lot's of tries by the bot script, but no successful attempt to create a new user so far...
Post Reply