XF 2.2 Spam filter is failing today

Forum-owner

New member
Hello. Our forum has been live for about six months. The spam filter has done a very good job keeping the suspicious users out, and letting the legit users register and begin posting. We are using hcapcha , checking registrations on the stopforumspam database, and sending for moderation if one flag is detected. Until today that was enough.

But we really got whacked this afternoon. The registrations looked just like the other ones that were caught - crazy gmail addresses ( hu.x.le.y.frankl.in.t.mp@gmail.com ) and ip addresses in Moscow. Somehow dozens of them got through today. Besides putting all new registrations to the moderator queue, any easy way to slow these spammers down? Of course once they got in, they started sending private messages to all of our regular users. Besides not allowing anyone to start conversations, and easy way to stop new users from starting conversations? thanks.
 

Forum-owner

New member
Create a user group promotion.


Thanks. will consider this. But I'm afraid if we make a new group that for example requires new users to make 10 posts before they can start conversations - we will just end up with the spammers giving us ten posts of garbage before they start with the private conversations. Probably will go with manual approval for all registrations for a few days, with the hope that StopForumSpam catches up.
 

Forum-owner

New member
these are some hard working spammers. in the hour since you gave me the filter for email addresses with multiple periods, they have sent 15 new user requests for gmail addresses with NO periods.
 

Max Taxable

Well-known member
Thanks. will consider this. But I'm afraid if we make a new group that for example requires new users to make 10 posts before they can start conversations - we will just end up with the spammers giving us ten posts of garbage before they start with the private conversations.
They can post any number of moderated posts, and will still have zero post count. Can never get to 1, much less 10. Moderated posts do not count toward post count. Also, you can hide the notice that their posts are awaiting moderation. This is useful to prevent legitimate people getting frustrated and leaving but it also serves to not tip off the human spammer that you have these controls enabled.
 

Forum-owner

New member
that string did work for us - we used to get several attempts per week with email addresses such as 'm.fp.st.mpm.ai.c.dyh.xkr@gmail.com'. They are now blocked.

The irony is that gmail essentially ignores the periods in email addresses. Even if you set your email up as john.j.doe.junior@gmail.com -- and get blocked when you try to register for our forum -- you can simply register for the forum with johnjdoejunior@gmail.com -- and the confirmation email will make it to your inbox; as far as gmail is concerned the two addresses are identical. Don't tell the spammers!
 
Top