Spam from pakistan

gavpeds

gavpeds

Active member
Ok so for a couple of weeks now my forums have been hammered with registrations from spammers. All their ips seem to originate from packistan and seem to be coming from a couple of sources. I have spam management set up pretty well so non of there rubbish posts ever get to be on the forum but its driving me nuts. Anyone else having this issue at the moment. They often fill there avatar with a provocative woman.
 
cyberpedz said:
Ok so for a couple of weeks now my forums have been hammered with registrations from spammers. All their ips seem to originate from packistan and seem to be coming from a couple of sources. I have spam management set up pretty well so non of there rubbish posts ever get to be on the forum but its driving me nuts. Anyone else having this issue at the moment. They often fill there avatar with a provocative woman.
Click to expand...
Yes It happened to me to overnight and was getting hammered by at least a dozen a day then I just blocked the entire country. I manage Dobermann specific forums and Pakistan offers nothing in relation to our niche. So it was a relative no-brainer.
 
I block 'em at the server level and never let 'em get to the forum itself. csf makes it dead easy to block an entire country.
 
If you literally want no traffic from these countries hitting your server in any meaningful way, you can use iptables and null route the following list.

Code: 
202.5.128.0/19
202.69.32.0/19
202.70.144.0/20
202.83.160.0/20
202.84.246.0/24
202.92.16.0/20
202.123.240.0/20
202.125.128.0/19
202.141.224.0/19
202.142.144.0/20
202.69.8.0/21
202.63.192.0/19
202.61.32.0/19
202.14.70.0/23
202.43.118.0/23
202.44.80.0/20
202.45.156.0/23
202.47.94.0/24
202.52.32.0/24
202.55.128.0/22
202.59.64.0/19
202.59.254.0/24
202.142.160.0/19
202.143.112.0/20
202.165.246.0/23
202.165.248.0/23
202.165.250.0/24
202.166.160.0/20
202.174.142.0/25
202.174.148.40/29
202.174.148.216/29
202.174.150.0/24
202.174.155.16/28
202.165.244.0/24
202.165.242.0/24
202.165.238.0/24
202.147.160.0/19
202.154.224.0/19
202.160.252.0/29
202.160.252.32/28
202.160.252.64/27
202.163.64.0/18
202.165.224.0/21
202.165.232.0/22
202.165.236.0/23
202.174.157.0/26
202.4.167.0/24
139.190.0.0/16
175.176.240.232/29
179.60.178.184/29
179.60.180.64/29
179.60.181.144/29
179.60.183.88/29
180.92.128.0/19
180.149.208.0/20
180.178.128.0/18
182.176.0.0/12
175.111.0.0/20
175.110.0.0/16
175.107.192.0/18
139.191.0.0/24
139.191.3.0/24
139.191.6.0/24
139.191.21.0/24
150.129.4.0/22
162.211.126.96/30
162.245.219.191/32
163.53.236.0/22
175.107.0.0/18
185.56.163.16/28
186.65.122.192/27
195.129.100.0/23
195.129.102.0/24
195.138.130.10/32
196.3.72.0/24
199.168.191.58/31
199.168.191.60/30
199.168.191.64/29
199.241.31.204/32
202.0.110.0/24
195.112.177.80/30
195.79.220.128/27
195.79.220.0/25
192.30.33.29/32
192.34.53.181/32
192.34.54.64/32
192.34.54.66/32
192.34.54.179/32
192.34.54.216/32
195.75.216.0/25
195.75.217.0/25
195.75.247.0/24
202.3.130.0/23
203.16.34.0/24
210.5.213.0/24
210.89.78.80/28
210.89.80.0/29
210.89.81.24/29
212.165.146.16/29
212.165.146.32/27
212.165.146.64/29
212.165.146.88/29
212.165.146.96/28
212.165.158.48/28
210.89.76.184/29
210.89.75.200/29
210.89.75.48/29
210.5.217.0/24
210.5.221.0/29
210.5.221.16/28
210.56.0.0/19
210.89.69.16/28
210.89.72.168/29
210.89.72.176/29
210.89.75.0/27
210.89.75.32/29
212.165.158.64/28
212.165.158.88/29
216.236.222.48/29
216.236.222.72/29
216.236.222.80/29
216.236.222.96/28
216.236.222.192/28
216.236.222.216/29
218.100.85.0/24
221.120.192.0/18
221.132.112.0/21
216.236.222.32/28
216.236.220.224/27
216.236.220.216/29
212.165.158.96/27
212.165.158.128/27
212.165.159.0/24
213.31.209.0/24
213.71.31.128/26
216.236.200.64/28
216.236.220.0/28
216.236.220.16/29
216.236.220.176/29
223.29.224.0/20
210.5.211.64/29
203.26.77.0/24
203.99.160.0/19
203.101.160.0/19
203.119.20.0/24
203.124.24.0/21
203.124.32.0/19
203.128.0.0/19
203.128.252.0/22
203.129.0.0/22
203.130.0.0/19
203.99.48.0/20
203.92.4.0/23
203.88.66.208/28
203.80.128.0/24
203.80.130.0/24
203.80.177.192/26
203.81.192.0/19
203.81.224.0/20
203.82.48.0/20
203.88.66.124/30
203.88.66.184/29
203.88.66.200/29
203.133.252.0/22
203.134.252.0/22
210.5.193.64/26
210.5.199.0/24
210.5.204.128/25
210.5.205.128/25
210.5.208.72/29
210.5.208.80/29
210.5.209.128/26
210.5.209.240/29
210.5.210.128/25
210.2.128.0/18
208.240.136.0/22
208.232.94.0/23
203.135.0.0/18
203.170.64.0/20
203.175.64.0/20
203.176.190.0/23
203.215.160.0/19
203.223.160.0/20
208.70.72.208/28
208.194.251.0/24
208.207.92.0/23
210.5.211.0/26
139.92.120.0/24
67.23.249.227/32
72.29.69.175/32
72.29.69.176/31
72.29.69.178/32
80.77.8.0/22
80.247.138.0/29
80.247.152.0/29
80.247.152.48/28
80.247.152.64/27
80.247.152.104/29
72.8.189.64/26
72.8.160.64/26
69.197.3.197/32
69.88.3.32/29
69.88.3.112/29
69.88.3.184/29
69.88.22.0/28
69.88.22.32/29
69.88.22.48/29
69.88.24.104/29
69.88.24.136/29
69.88.24.216/29
80.247.152.112/28
80.255.40.64/27
103.9.182.0/24
103.11.60.0/22
103.11.68.0/22
103.11.220.0/24
103.12.40.0/22
103.12.58.0/24
103.12.120.0/22
103.13.1.0/24
103.14.231.0/24
103.9.23.0/24
103.8.231.0/24
103.8.214.0/24
89.105.32.32/29
89.207.129.18/32
101.50.64.0/18
103.4.92.0/22
103.5.136.0/22
103.7.60.0/22
103.7.76.0/22
103.8.14.0/23
103.8.112.0/22
103.17.200.0/22
64.86.131.0/24
5.132.182.0/24
43.245.8.0/22
43.245.128.0/22
43.245.204.0/22
43.245.220.0/22
43.247.120.0/22
43.254.12.0/22
45.64.24.0/22
45.64.180.0/22
46.166.163.200/29
42.201.128.0/17
42.83.84.0/22
39.32.0.0/11
5.224.182.0/24
5.225.182.0/24
14.192.128.0/19
27.54.120.0/22
27.255.0.0/18
31.220.30.32/27
31.220.30.96/27
37.222.182.0/24
37.223.182.0/24
57.92.240.0/20
58.27.128.0/17
63.109.249.144/29
63.114.37.0/24
64.37.52.234/31
64.37.52.236/30
64.37.52.240/29
64.37.52.248/30
64.37.52.252/31
64.37.52.254/32
64.86.121.0/24
63.109.248.88/29
63.109.248.56/29
63.100.211.0/24
58.65.128.0/18
58.65.192.0/19
58.181.96.0/19
59.103.0.0/16
61.5.128.0/19
62.200.198.0/26
62.200.198.64/27
62.200.198.128/25
63.70.24.0/22
64.86.122.0/24
103.18.8.0/21
110.36.0.0/14
115.186.0.0/17
115.186.128.0/18
116.0.32.0/19
116.58.0.0/17
116.71.0.0/16
116.90.96.0/19
117.20.16.0/20
117.102.0.0/18
118.103.224.0/20
115.167.0.0/17
115.42.64.0/20
114.198.237.0/24
110.93.192.0/18
110.232.188.0/22
111.68.96.0/20
111.88.0.0/16
111.92.128.0/19
111.119.160.0/19
113.197.48.0/21
113.203.128.0/17
114.198.233.0/24
118.107.128.0/20
119.30.64.0/18
119.81.237.160/29
119.152.0.0/13
119.160.0.0/17
121.52.144.0/20
122.129.64.0/19
122.201.35.192/29
122.201.36.152/29
124.29.192.0/18
124.109.32.0/19
119.81.231.64/29
119.81.211.64/29
119.81.193.240/29
119.63.128.0/20
119.73.0.0/17
119.81.30.96/28
119.81.94.248/29
119.81.98.104/29
119.81.101.48/29
119.81.136.80/29
119.81.136.136/29
119.81.137.216/29
125.209.64.0/18
110.34.32.0/21
103.18.20.0/22
103.31.80.0/22
103.31.92.0/22
103.31.100.0/22
103.31.104.0/22
103.224.12.0/22
103.225.48.0/22
103.225.220.0/22
103.226.216.0/23
103.228.156.0/22
103.29.163.0/24
103.28.152.0/22
103.28.150.0/23
103.18.116.0/24
103.18.243.0/24
103.20.0.0/22
103.20.132.0/22
103.24.96.0/22
103.25.136.0/22
103.26.80.0/21
103.26.184.0/22
103.27.20.0/22
103.232.225.0/24
103.233.8.0/22
103.249.152.0/22
103.249.228.0/22
103.250.222.0/23
103.252.80.0/22
103.253.156.0/22
103.255.4.0/22
103.255.108.0/22
103.255.128.0/22
103.255.148.0/22
103.247.124.0/23
103.247.66.0/24
103.246.108.0/22
103.234.12.0/24
103.234.144.0/22
103.237.84.0/22
103.240.220.0/24
103.244.132.0/22
103.244.172.0/22
103.244.176.0/22
103.245.132.0/22
103.245.192.0/22
104.128.131.0/24
 
MQK8 said:
You mean they don't have Dobermans in Pakistan?
Click to expand...
Sometimes it's just not worth it. 100,000 spam accounts or 1 user. Sure our site for example might be blocking out one gamer. Hopefully that kid gets frustrated grows up and does something about it.

If the Chinese government one day dragged a bunch of people responsible for this kind of crap into the street and beat them to death on national television. I think we would see a few percent drop over night. The traffic comes from anywhere cause by people living anywhere. But you pick out a couple major sources and have to know these spammers are actually ruining the internet for their own country. They are costing data centers and businesses money. Ruining access for users in those IP blocks. If you tallied up the cost and actually built a case against people I'm sure it would come to figures larger than some of the fraud cases that actually makes it to trial.
 
Thanks for the response, I didn't really think they had Dobermans in Pakistan. Wish you well on your forum. :)
 
MQK8 said:
Thanks for the response, I didn't really think they had Dobermans in Pakistan. Wish you well on your forum. :)
Click to expand...

I'm not the person you asked. But its the same thing for many other sites. You have to balance the cost of spam management versus the users lost.

One of our guys was going to move to China and I was like be sure to call me and tell me what IP blocks u need white listed lol.
 
I had a lady from Pakistan register the other night to reply to an old thread about a radio show. I enjoyed the post, I don't block any countries. I rarely see spam on my forum, when it happens it dealt with quickly,
 
dawg said:
I had a lady from Pakistan register the other night to reply to an old thread about a radio show. I enjoyed the post, I don't block any countries. I rarely see spam on my forum, when it happens it dealt with quickly,
Click to expand...

If the core antispam wasn't stopping say 1000 registrations per day you might feel differently. I was seeing about 60 an hour in the logs for FoolBotHoneyPot for our site. We had a short lapse in updates for XF 1.3 and FBHP and ended up with a dozen or so Pakistani spammers a day. Updates seemed to put an end to it but had it not I wouldn't have hesitated to block them for a few days.

Captchas probably stop more legitimate users than bots these days. Hate them. Love invisible methods.
 
rainmotorsports said:
If the core antispam wasn't stopping say 1000 registrations per day you might feel differently. I was seeing about 60 an hour in the logs for FoolBotHoneyPot for our site. We had a short lapse in updates for XF 1.3 and FBHP and ended up with a dozen or so Pakistani spammers a day. Updates seemed to put an end to it but had it not I wouldn't have hesitated to block them for a few days.

Captchas probably stop more legitimate users than bots these days. Hate them. Love invisible methods.
Click to expand...
Probably, but i dont have a spam problem. Although, I am doing nothing special other than using the built in spam tools to handle spammers. It is a mystery why some forums suffer from spam and others don't. I have seen this over many years.
 
dawg said:
Probably, but i dont have a spam problem. Although, I am doing nothing special other than using the built in spam tools to handle spammers. It is a mystery why some forums suffer from spam and others don't. I have seen this over many years.
Click to expand...

Hell I registered a domain and a couple days later installed Xenforo 1.4.1 and by the end of the day I had my first spammer. I'd say its dumb luck. But in this case there are lists for recently registered domains. The link scrapers are probably feeding off this directly.
 
You must log in or register to reply here.

Similar threads

jauburn
  • Question Question
XF 1.5 Most spam from Pakistan - way to trap?
Replies
2
Views
1K
jauburn
jauburn
ProCom
Foreign Korean Spammers - Spam Nightmare
Replies
8
Views
2K
cdub
cdub
Stuart Wright
Alert - an influx of private message spammers
Replies
0
Views
1K
Stuart Wright
Stuart Wright
Stuart Wright
Stuart's anti-spam tips
Replies
2
Views
913
Jim Boy
Jim Boy
Slavik
New Anti-Spam service available soon.
2 3
Replies
52
Views
6K
Sage Knight
Sage Knight
Top Bottom