Dealing With Forum Spam

[Jake Bunce]

Jake Bunce submitted a new resource:

Dealing With Forum Spam (version 1.x) - A comprehensive list of tools and strategies for dealing with spam bots on your forum.

There is a new program called Xrumer that spammers are using to attack forums everywhere. Many XenForo owners have seen a sharp increase in the number of spam registrations and spam posts. There are several ways to deal with this.

Cleanup Existing Spam

Spam Cleaner

This is easy. XenForo has a built-in spam cleaner tool to quickly eradicate spammers and their posts once they have posted. See this post by Kier for a video demonstration of the spam cleaner:...​

Read more about this resource...

 

[DRE]

xrumer came out 3rd quarter 2010, around the same time xenforo beta came out. one of the best effective ways to keep xrumer bots off a site is to use question and answer. recaptcha has been garbage for two or three years now.

 

[RobinHood]

You should package this info up and sell it in a bottle, it shall be named, cillit spam!

 

[DRE]

You should package this info up and sell it in a bottle, it shall be named, cillit spam!

View attachment 33438

lol soon as I saw that pic I was reminded of this...

 

[Anthony Parsons]

I also find using the registration option to stop discouraged user IP re-registering helpful against this current wave, as they're registering dedicated servers around the globe to spam with, until each one is reported and banned, thus giving them unique, yet legitimate IP's each wave. I found getting the first ones quickly via jaxels xenutiles and discouraging the IP is also curbing the issue real quick.

Splendidpoints anti-spam is a must have IMHO... that little thing ceases all forum and profile spam quick smart.

 

[cmeinck]

I've got 4 of the add-ons listed, but they don't stop this from happening. Sure they are no follow, but spammers build backlinks to these profiles. That creates bad neighborhood links pointing to your website. I eradicate these daily using XenUtils, but I'm waiting for an add-on that will stop them. Ultimately, we need a way to remove the capability of new users to edit their 'About' data.

 

[Taxi]

That is why I delete spam accounts created on my forum, rather than just banning them.

I can't think of any good reason to keep them around, other than it may keep them from registering with the same user name repeatedly, but I figure they're randomizing user names anyway, so there is really no benefit to keep them.

 

[Anthony Parsons]

Ultimately, we need a way to remove the capability of new users to edit their 'About' data.

Are you also using the registration verification options back to stop forum spam and the others? I use all of them, and with 6000 visits daily I see nearly nothing in spam.

 

[Anthony Parsons]

That key captcha rocks... installed on all my forums in minutes. No bot is getting through that sucker.

 

[Anthony Parsons]

Yep, wokeup this morning after installing key captcha, no more spam bot spam.

 

[Andy.N]

Just a little warning that one of my members happens to be a sleeper cell spammer.
Signed up in May 2010, with the email wmppcsf@lykamspam.pl
Logged in few times from IP addresses that appears to be US military bases in TX.
And today, posted his first post "unlock iphone 4 to tmobile"

I'm sure there will be many sleeper cell spammers like this since I was still using VB 3.7 back in 2010.

 

[swatme]

Just a little warning that one of my members happens to be a sleeper cell spammer.
Signed up in May 2010, with the email wmppcsf@lykamspam.pl
Logged in few times from IP addresses that appears to be US military bases in TX.
And today, posted his first post "unlock iphone 4 to tmobile"

I'm sure there will be many sleeper cell spammers like this since I was still using VB 3.7 back in 2010.

that is why its not recommended to DELETE the spammers account because they will reuse the email.
what we need is to ban the account instead

 

[MikeMpls]

that is why its not recommended to DELETE the spammers account because they will reuse the email.
what we need is to ban the account instead

If you are using StopForumSpam the reuse of the email will be detected. I see no good reason to keep this crud around.

 

[BGL]

Just had to use XenForo's Spam Cleaner. Nice feature as it cleaned it all out in a couple clicks.

Question on banning IP addresses. Am I in danger of banning future legitimate users?

 

[Jake Bunce]

Question on banning IP addresses. Am I in danger of banning future legitimate users?

Umm, yeah I guess. The problem is that IPs aren't a good means of identifying or banning users. Many people have dynamic IPs, and serious spammers will just use proxies. So IP banning just isn't very effective unless you are going to block an entire country or something.

 

[MagnusB]

They keep getting recycled, so you might end up banning a legit user. I usually never ban IP unless I really have to.

 

[BGL]

Umm, yeah I guess. The problem is that IPs aren't a good means of identifying or banning users. Many people have dynamic IPs, and serious spammers will just use proxies. So IP banning just isn't very effective unless you are going to block an entire country or something.

So I should just ban the user/email?

 

[Jake Bunce]

So I should just ban the user/email?

Email bans aren't effective against spammers either unless you perhaps ban entire email domains. They just register new email accounts. Just ban the user and setup blocks for registration like Q&A.

 

[rootsxrocks]

Q&A have stopped most of the spammers but not all, the more obscure the questions the better it works but that also dissuades some valid users I tend to refer to it as a registration IQ test . Its best to monitor and clean them on a regular basis, I do it manually because stop forum spam rejects a lot of user names .
One of my favorites is if there are 12 doves sitting on a power line and you shoot one how many remain ?
It really weeds out the less bright.

 

[Jake Bunce]

Q&A have stopped most of the spammers but not all, the more obscure the questions the better it works but that also dissuades some valid users I tend to refer to it as a registration IQ test . Its best to monitor and clean them on a regular basis, I do it manually because stop forum spam rejects a lot of user names .
One of my favorites is if there are 12 doves sitting on a power line and you shoot one how many remain ?
It really weeds out the less bright.

Just keep in mind that questions with numeric answers are much more easily guessable by bots. I recommend avoiding numeric answers.