1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Getting inundated with spam

Discussion in 'General XenForo Discussion and Feedback' started by cmeinck, May 10, 2012.

  1. cmeinck

    cmeinck Well-Known Member

    I've tried questions, captcha --- to no avail. Every morning I wake up to a ton of reports of spam. They all look like the attached photo, all use a Gmail account. They all come from India. I'd wildcard the IP, but we can only wildcard the end. I'm also use XenUtils with Botscout, Fspamlist enabled with API.

    Screen Shot 2012-05-10 at 9.05.07 AM.png

    Any suggestions?
  2. mrGTB

    mrGTB Well-Known Member

    What type of questions are you using? Give an example of what you use could be your questions and answers are not good.
  3. cmeinck

    cmeinck Well-Known Member

  4. Digital Doctor

    Digital Doctor Well-Known Member

    Those are pretty good.
  5. iTuN3r

    iTuN3r Well-Known Member

    These are real human spammers lol ! Yes major spammers lately i have seen are all from india .
    loophole likes this.
  6. mrGTB

    mrGTB Well-Known Member

    They don't seem that bad to be honest. What you could try is linking to a page on forum asking a harder question like "What's is the 3rd word on second line in this thread from right". But it sounds to me looking at the questions already used, you've got human spammers at work, so doesn't matter what Q/A you use.

    Really, you need something like StopForumSpam extra in dealing with human spammers. That's slated to be included in XF 2.1 by default.
  7. craigiri

    craigiri Well-Known Member

    If your audience is specific to certain countries, you could tighten up the questions a bit.

    What is the first name of the founder(s) of Apple Computer?

    What is the first name of the crooner Sinatra?


    Also, ask yourself how many REAL members you get signing up each day. If it is less than 15 or so, I'd suggest manually approving them. Of course, this entails you being online each day as you can't ask them to wait too long. I do this in less than 5 minutes a day.

    If you manually approve, use your fuzzy logic (brain)...look at username, email and then check where the IP is located. I delete any and all from the other side of the world (due to the nature of my forums)...and, although I have deleted thousands of them, I have never received a single complaint.

    We have almost no SPAM problem......even with 10,000 plus visitors on a busy day. The key is to get most of them before they have posting privileges.
  8. cmeinck

    cmeinck Well-Known Member

    If I could, I would ban the entire country.
    DBA likes this.
  9. mrGTB

    mrGTB Well-Known Member

    A lot of them use Yahoo free mail, try banning yahoo mail and that will halt many getting in. Nobody uses Yahoo mail these days anyway unless being a spam boy. A lot use Gmail also I noticed before in SFP logs, but you can't really ban that one.
    0xym0r0n likes this.
  10. cmeinck

    cmeinck Well-Known Member

    This group has been using Gmail exclusively.
  11. mrGTB

    mrGTB Well-Known Member

    That's a problem then!
  12. cmeinck

    cmeinck Well-Known Member

    They also avoid the pattern of using the About, Homepage or Signature --- thus avoiding XenUtils spam tracker. Guess I could reinstate the Add On that requires a specific # of posts in order to add links.
  13. Digital Doctor

    Digital Doctor Well-Known Member

    Are the spammers signing up .... and posting right after approval ?

    For me, ideally people could be approved once they verify their email ... but they would still end up in some approval queue ... so I could go over them. Would that help ?
  14. mrGTB

    mrGTB Well-Known Member

    Not daft are they, knowing your average forum admin would never block Gmail. They very nearly forced me into taking the MyBB forum down early I ran before after only a few weeks online, only adding StopForumSpam seemed to halt them getting in, along with blocking certain free emails like Yahoo to help boost things further. The add-on I used with MyBB though allowed you to write a LOG file (turned on and off) at will created in ROOT, it was handy to see what emails and IP address got used most blocked. So you could then add more popular email spotted to ban list.
  15. Caelum

    Caelum Well-Known Member

    You could ban all IP ranges coming from India using a htaccess file if you're sure that's what you want. You could also block based on user agent instead.

    A quick search came up with http://mwolk.com/blog/block-india-ip-range-to-access-your-site/, but you might be able to find a better list/alternative method through some more searching.

    EDIT: Also, it's possible to change your user agent or use a proxy. This wouldn't necessarily help; it kind of depends on how much effort these spammers are willing to go through. Also, you'd block legitimate users.
  16. Claudio

    Claudio Well-Known Member

    gmail has started to activate accounts after send a code to a phone, so this indian people might have tons of cellphones maybe?
  17. robdog

    robdog Well-Known Member

    There was a mod on here that allows you to block entire countries. I have about 10-15 countries that I block(on registration) and show a message to them to send me an email to manually create them an account.

    This has pretty much dried up all my spam. And yes, India is on my ban list for sure.
  18. Ingenious

    Ingenious Well-Known Member

    Agree with robdog, this is easiest done by blocking whole countries.
  19. Sadik B

    Sadik B Well-Known Member

    Well hate it when "India" comes up in these discussions... well but it's true, too many Spammers from Indian IPs. What I do is use StopForumSpam with API (XenUtiles) and My AntiSpam Addon (Which does not allow anyone to post links till a certain post count) and use Q&A for registration. So the net result is 0 Auto Spam and the few manual spammers who get in avoiding StopForumSpam still cannot post a link anywhere so do not post at all!
    0xym0r0n and simbolo like this.
  20. ManagerJosh

    ManagerJosh Well-Known Member

    Shove the following IP address into discouraged users :)


    that will take care of them for you :)

Share This Page