Getting inundated with spam

[cmeinck]

I've tried questions, captcha --- to no avail. Every morning I wake up to a ton of reports of spam. They all look like the attached photo, all use a Gmail account. They all come from India. I'd wildcard the IP, but we can only wildcard the end. I'm also use XenUtils with Botscout, Fspamlist enabled with API.

124.253.26.223​

Any suggestions?

 

[mrGTB]

What type of questions are you using? Give an example of what you use could be your questions and answers are not good.

 

[cmeinck]

 

[Digital Doctor]

Those are pretty good.

 

[iTuN3r]

These are real human spammers lol ! Yes major spammers lately i have seen are all from india .

 

[mrGTB]

They don't seem that bad to be honest. What you could try is linking to a page on forum asking a harder question like "What's is the 3rd word on second line in this thread from right". But it sounds to me looking at the questions already used, you've got human spammers at work, so doesn't matter what Q/A you use.

Really, you need something like StopForumSpam extra in dealing with human spammers. That's slated to be included in XF 2.1 by default.

 

[craigiri]

If your audience is specific to certain countries, you could tighten up the questions a bit.

What is the first name of the founder(s) of Apple Computer?

What is the first name of the crooner Sinatra?

Etc.......

Also, ask yourself how many REAL members you get signing up each day. If it is less than 15 or so, I'd suggest manually approving them. Of course, this entails you being online each day as you can't ask them to wait too long. I do this in less than 5 minutes a day.

If you manually approve, use your fuzzy logic (brain)...look at username, email and then check where the IP is located. I delete any and all from the other side of the world (due to the nature of my forums)...and, although I have deleted thousands of them, I have never received a single complaint.

We have almost no SPAM problem......even with 10,000 plus visitors on a busy day. The key is to get most of them before they have posting privileges.

 

[cmeinck]

If I could, I would ban the entire country.

 

[mrGTB]

A lot of them use Yahoo free mail, try banning yahoo mail and that will halt many getting in. Nobody uses Yahoo mail these days anyway unless being a spam boy. A lot use Gmail also I noticed before in SFP logs, but you can't really ban that one.

 

[cmeinck]

A lot of them use Yahoo free mail, try banning yahoo mail and that will halt many getting in. A lot use Gmail also, but you can't really ban that one.

This group has been using Gmail exclusively.

 

[mrGTB]

That's a problem then!

 

[cmeinck]

They also avoid the pattern of using the About, Homepage or Signature --- thus avoiding XenUtils spam tracker. Guess I could reinstate the Add On that requires a specific # of posts in order to add links.

 

[Digital Doctor]

Are the spammers signing up .... and posting right after approval ?

Also, ask yourself how many REAL members you get signing up each day. If it is less than 15 or so, I'd suggest manually approving them. Of course, this entails you being online each day as you can't ask them to wait too long. I do this in less than 5 minutes a day.

For me, ideally people could be approved once they verify their email ... but they would still end up in some approval queue ... so I could go over them. Would that help ?

 

[mrGTB]

Not daft are they, knowing your average forum admin would never block Gmail. They very nearly forced me into taking the MyBB forum down early I ran before after only a few weeks online, only adding StopForumSpam seemed to halt them getting in, along with blocking certain free emails like Yahoo to help boost things further. The add-on I used with MyBB though allowed you to write a LOG file (turned on and off) at will created in ROOT, it was handy to see what emails and IP address got used most blocked. So you could then add more popular email spotted to ban list.

 

[Caelum]

If I could, I would ban the entire country.

You could ban all IP ranges coming from India using a htaccess file if you're sure that's what you want. You could also block based on user agent instead.

A quick search came up with http://mwolk.com/blog/block-india-ip-range-to-access-your-site/, but you might be able to find a better list/alternative method through some more searching.

EDIT: Also, it's possible to change your user agent or use a proxy. This wouldn't necessarily help; it kind of depends on how much effort these spammers are willing to go through. Also, you'd block legitimate users.

 

[Claudio]

gmail has started to activate accounts after send a code to a phone, so this indian people might have tons of cellphones maybe?

 

[robdog]

There was a mod on here that allows you to block entire countries. I have about 10-15 countries that I block(on registration) and show a message to them to send me an email to manually create them an account.

This has pretty much dried up all my spam. And yes, India is on my ban list for sure.

 

[Ingenious]

Agree with robdog, this is easiest done by blocking whole countries.

 

[Sadik B]

Well hate it when "India" comes up in these discussions... well but it's true, too many Spammers from Indian IPs. What I do is use StopForumSpam with API (XenUtiles) and My AntiSpam Addon (Which does not allow anyone to post links till a certain post count) and use Q&A for registration. So the net result is 0 Auto Spam and the few manual spammers who get in avoiding StopForumSpam still cannot post a link anywhere so do not post at all!

 

[ManagerJosh]

Shove the following IP address into discouraged users

124.253.*

that will take care of them for you