XF 2.2 Problem with gmail spammers

R

rhodes

Active member
Hello,
I currently have a problem with spammers. The cause is probably due to a special feature in gmail accounts. Gmail seems to ignore dots in the email address.

This means that someone registers with iamaspammer@gmail.com. If he is blocked by us, he registers again with i.am.aspammer@gmail.com, or with i.a.m.a.s.p.a.m.m.e.r@gmail.com, without having to register a new account with gmail himself.

Unfortunately, we can't block gmail completely, because many serious users have registered via gmail.

Does anyone have an idea what we can do?

Thanks
 
Sort by date Sort by votes
You can always use the manual approval of accounts on registration for checking on the accounts or you can use some custom addons for adding more checks on the new registrations here https://xenforo.com/community/resources/

I just searched and got this one, may this one fulfill your requirements.

xenforo.com

[DBTech] DragonByte Security

DragonByte keeps a watchful eye over your forum even when you are not there, and has the capability to alert you of any suspicious activity. Uses DragonByte is the ideal product for forums that are concerned about security, or wish to be alerted...
xenforo.com xenforo.com
 
Upvote 0 Downvote
I am also recently receiving lots of gmail-based registrations, none of them have spammed but they do write short worthless though relevant messages

But a great rush of mostly gmail registrations?

Something suspicious?
 
Upvote 0 Downvote
OverHere said:
I am also recently receiving lots of gmail-based registrations, none of them have spammed but they do write short worthless though relevant messages

But a great rush of mostly gmail registrations?

Something suspicious?
Click to expand...
I have had people like that. They do some messages to look legit, but will eventually start slipping site or product plugs and links into their posts. At least that has been my experience.
nocte said:
maybe they try to do some SEO-spam later (by editing the messages after a few days). How long can messages be edited on your board?
Click to expand...
Doesn't matter in my experience. They don't edit their old messages, just start inserting spam into new ones.

I generally watch new registrations that look iffy like a hawk and come down on them like a load of bricks as soon as they step out of line. I actually got yelled at by a member for being "unwelcoming" to a new registrant who, lo and behold, turned out to be a spammer of this sort.
 
Upvote 0 Downvote
djbaxter said:
...@*
Click to expand...
I don't understand this one neither the other one.

* = wildcard as far as I know, so why would this not block -any- domain? Since it's @* stated so block anything behind the @ character?
Also, if you want to block gmail, why so many wildcards, why not just using *@gmail.com which should also drop anything in front of the @ character.

Or is * not used as wildcard on Xen?
 
Upvote 0 Downvote
Having it check the stopforumspam database catches most of the bad guys. It's built in and worth activating, if you have not already done so.
 
Upvote 0 Downvote
Black Tiger said:
You are aware of the fact that my.name@gmail.com and myname@gmail.com is the same mail address right?
I don't know how that is with multiple dots, but I'm 100% sure of it with 1 dot.

You're sure it's different addresses when multiple dots are used? Otherwise this kind of block is of little use.
Click to expand...

The addresses resolve to the same Gmail account but using the *.*.* approach in the XF ACP was useful for blocking spammers who favoured that set up, without affecting legitimate users.

I don't know whether spammers still use that approach.
 
Upvote 0 Downvote
Brogan said:
The addresses resolve to the same Gmail account but using the *.*.* approach in the XF ACP was useful for blocking spammers who favoured that set up, without affecting legitimate users.

I don't know whether spammers still use that approach.
Click to expand...
Oh, they definitely do. From the last week:

1655317250932.webp

For some of my sites, I internally "normalize emails" for uniqueness, but this particular site doesn't have that add-on installed. It would be nice if it was an option native to XenForo:

xenforo.com

Normalize emails for uniqueness

Spammers leverage Gmail (and other email providers) ability to create multiple accounts using the same Gmail account, but each account has a "unique" email address by leveraging dots (".") and pluses ("+") in the email address. For example, these all go to the same Gmail account inbox...
xenforo.com xenforo.com
 
Upvote 0 Downvote
Black Tiger said:
You're sure it's different addresses when multiple dots are used? Otherwise this kind of block is of little use.
Click to expand...
johncitizen@gmail.com, john.citizen@gmail.com, john.citi.zen@gmail.com, john.ci.ti.zen@gmail.com :
They are different addresses for my forum but the same addresses for gmail.

*.*@gmail.com
Block 1 dot in the name: all names with 1 or more dots in them are rejected.

Do you want to allow 1 dot in the name such as john.citizen but reject names such as john.citi.zen with 2 or more dots in them to reject?
*.*.*@gmail.com
 
Upvote 0 Downvote
whynot said:
They are different addresses for my forum but the same addresses for gmail.
Click to expand...
Yes that was exactly my point. Because you could block *.*@gmail.com but then the spammer could use that account again but then without the dot.

So to prevent all options from one such email address, you have to add several of these dot things and then still he can come in with his account using no dots, because that isn't blocked.

I was just wondering if there was not a better method, maybe a combination of using some multiple dots and checking ip ranges used.
 
Upvote 0 Downvote
Black Tiger said:
So to prevent all options from one such email address, you have to add several of these dot things and then still he can come in with his account using no dots, because that isn't blocked.
Click to expand...
thats not 100% correct: Blocking gmail addresses with 2 dots (*.*.*@gmail.com) will automatically also block all gmail addresses with more than 2 dots, because the * is a wildcard and can also be a dot. In other words: with only 1 rule you can define a maximum of dots, that are accepted.

But I also support the suggestion by @digitalpoint, because these rules are only "better than nothing".
 
Last edited:
Upvote 0 Downvote
Might be good, but at least here one can see screenshots without the need for an extra registration.
xenforo.com

[OzzModz] Contact Us Form Log

Always wanted to check contact emails without leaving your forum? Then the Ozzmodz Contact Us Form Log is for you. This is a relatively simple addon that will log all contact-form submissions to the database. Those with permission will be able...
xenforo.com xenforo.com
 
Upvote 0 Downvote
You must log in or register to reply here.

Similar threads

polle
  • Question Question
XF 2.2 Rule to block spam accounts using gmail
Replies
3
Views
173
Ozzy47
Ozzy47
Goose
  • Solved
Contact Us error Gmail. 550-5.7.26 [SSolution in the last message]
Replies
3
Views
924
Goose
Goose
R
  • Question Question
How do you deal with SMART Russian bots? Any tips? Banning Russian IPs didn't do anything, because they learned how to use VPNs from European and US.
2
Replies
21
Views
2K
GW2
GW2
Alan_SP
  • Question Question
XF 2.2 Connected accounts let spammers in without any checking (at least Google one)
Replies
2
Views
449
Alan_SP
Alan_SP
DeltaHF
Not a bug Email bans can be bypassed with sub-addressing and dots
Replies
3
Views
2K
Chris D
Chris D
Top Bottom