• This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn more.

Getting inundated with spam

cmeinck

Well-known member
#1
I've tried questions, captcha --- to no avail. Every morning I wake up to a ton of reports of spam. They all look like the attached photo, all use a Gmail account. They all come from India. I'd wildcard the IP, but we can only wildcard the end. I'm also use XenUtils with Botscout, Fspamlist enabled with API.
124.253.26.223


Screen Shot 2012-05-10 at 9.05.07 AM.png

Any suggestions?
 

mrGTB

Well-known member
#2
What type of questions are you using? Give an example of what you use could be your questions and answers are not good.
 

mrGTB

Well-known member
#6
They don't seem that bad to be honest. What you could try is linking to a page on forum asking a harder question like "What's is the 3rd word on second line in this thread from right". But it sounds to me looking at the questions already used, you've got human spammers at work, so doesn't matter what Q/A you use.

Really, you need something like StopForumSpam extra in dealing with human spammers. That's slated to be included in XF 2.1 by default.
 

craigiri

Well-known member
#7
If your audience is specific to certain countries, you could tighten up the questions a bit.

What is the first name of the founder(s) of Apple Computer?

What is the first name of the crooner Sinatra?

Etc.......

Also, ask yourself how many REAL members you get signing up each day. If it is less than 15 or so, I'd suggest manually approving them. Of course, this entails you being online each day as you can't ask them to wait too long. I do this in less than 5 minutes a day.

If you manually approve, use your fuzzy logic (brain)...look at username, email and then check where the IP is located. I delete any and all from the other side of the world (due to the nature of my forums)...and, although I have deleted thousands of them, I have never received a single complaint.

We have almost no SPAM problem......even with 10,000 plus visitors on a busy day. The key is to get most of them before they have posting privileges.
 

mrGTB

Well-known member
#9
A lot of them use Yahoo free mail, try banning yahoo mail and that will halt many getting in. Nobody uses Yahoo mail these days anyway unless being a spam boy. A lot use Gmail also I noticed before in SFP logs, but you can't really ban that one.
 

cmeinck

Well-known member
#12
They also avoid the pattern of using the About, Homepage or Signature --- thus avoiding XenUtils spam tracker. Guess I could reinstate the Add On that requires a specific # of posts in order to add links.
 

Digital Doctor

Well-known member
#13
Are the spammers signing up .... and posting right after approval ?

Also, ask yourself how many REAL members you get signing up each day. If it is less than 15 or so, I'd suggest manually approving them. Of course, this entails you being online each day as you can't ask them to wait too long. I do this in less than 5 minutes a day.
For me, ideally people could be approved once they verify their email ... but they would still end up in some approval queue ... so I could go over them. Would that help ?
 

mrGTB

Well-known member
#14
Not daft are they, knowing your average forum admin would never block Gmail. They very nearly forced me into taking the MyBB forum down early I ran before after only a few weeks online, only adding StopForumSpam seemed to halt them getting in, along with blocking certain free emails like Yahoo to help boost things further. The add-on I used with MyBB though allowed you to write a LOG file (turned on and off) at will created in ROOT, it was handy to see what emails and IP address got used most blocked. So you could then add more popular email spotted to ban list.
 

Caelum

Well-known member
#15
If I could, I would ban the entire country.
You could ban all IP ranges coming from India using a htaccess file if you're sure that's what you want. You could also block based on user agent instead.

A quick search came up with http://mwolk.com/blog/block-india-ip-range-to-access-your-site/, but you might be able to find a better list/alternative method through some more searching.

EDIT: Also, it's possible to change your user agent or use a proxy. This wouldn't necessarily help; it kind of depends on how much effort these spammers are willing to go through. Also, you'd block legitimate users.
 

Claudio

Well-known member
#16
gmail has started to activate accounts after send a code to a phone, so this indian people might have tons of cellphones maybe?
 

robdog

Well-known member
#17
There was a mod on here that allows you to block entire countries. I have about 10-15 countries that I block(on registration) and show a message to them to send me an email to manually create them an account.

This has pretty much dried up all my spam. And yes, India is on my ban list for sure.
 

Sadik B

Well-known member
#19
Well hate it when "India" comes up in these discussions... well but it's true, too many Spammers from Indian IPs. What I do is use StopForumSpam with API (XenUtiles) and My AntiSpam Addon (Which does not allow anyone to post links till a certain post count) and use Q&A for registration. So the net result is 0 Auto Spam and the few manual spammers who get in avoiding StopForumSpam still cannot post a link anywhere so do not post at all!