Spam - help

[Tis-food]

Hi - I'm getter spam left on my forum but I'm concerned that they are registering with an IP address that I have just used when viewing the site - I have a random ip - how do they do that ie choose their ip and why mine?

Any ideas

 

[Jake Bunce]

IPs are generally not a good means of identifying or blocking automated spammers.

http://xenforo.com/community/resources/dealing-with-forum-spam.980/

 

[Chris D]

That's not really possible. Unless the spam is somehow originating from your connection. It maybe their IP addresses aren't being recorded properly.

Biggest concern right now should be to prevent the registrations.

My two favourite free add ons for that are:
CustomImgCaptcha and
Registration Form Timer

If you fancy something a little extra and you have a small budget then try FoolBotHoneyPot.

 

[Tis-food]

I have a Captcha in place - the spammers are real people posting unwanted stuff ie medical stuff forsale, links to their dating site. etc

 

[Chris D]

Human spammers are pretty rare... I wouldn't be so sure that they aren't bots.

What Captcha are you using? Are you using anything else during registration?

 

[Tis-food]

I use the answer 10+15 phrase - isnt this good enough?

 

[tenants]

I have a Captcha in place - the spammers are real people posting unwanted stuff ie medical stuff forsale, links to their dating site. etc

What Captcha is it?

Both QA and ReCaptcha have been solve for quite a while
ReCaptcha has be solved by training against the image sets, QA has been solved by bot users answering the questions and those answers being shared with a central db (XRumer competitions)

If you like Captcha (I'm not a huge fan of them myself, making people jump through hoops isn't always great for % sign ups)

... I do suggest, if you use CAPTCHA, use custom images (take a picture of something in your bedroom and add a question to it) ... this is always unique and hard to solve.
But there are plenty of CAPTCHA that are still working (since they are uncommon so not yet targeted, use custom images or have only just started to be targeted)

Other CAPTCHA:

CustomImgCaptcha Custom user added images, not easy to targeted and very hard to solve with automation
WE FIGHT SPAM (can use CustomImgCaptcha)
Funny Img Catpcha (uses CustomImgCaptcha)
Photo CAPTCHA (I do like this one, since much like CustomImgCaptcha you can customise your images)
XF QapTcha (very human friendly, and uncommon)
Are you Human(sp) (eng)
KeyCaptcha
Solve Media

There is also the API approach (Jaxels XenUtils, StopSpamHere or AnyApi)
or a multitude of mechanisms, like the registration timer / foolbothoneypot

 

[tenants]

I use the answer 10+15 phrase - isnt this good enough?

No, QA's have been solved

Bot users (mostly XRumer users) go back and look at where they have failed, they then answer your questions... these questions are then shared with thousands of others
Then all bot users can automate registration on your site

With QA, it is only a matter of time until a bot user decides to answer your questions.. when this happens, you get a flood of bots

You can change your QA questions regularly, but you will always be playing a game or Russian Roulette when you use QA alone, you never know when the bot users are about to manually solve you questions and have them shared

 

[Chris D]

I use the answer 10+15 phrase - isnt this good enough?

Definitely not.

These are bots you're dealing with. Most automated bots can solve questions like this because they can analyze simple text such as 10+15 and work out the answer might be 25. That's without any human intervention too.

Spam is a big problem and it needs big tools to solve it.

Listen to tenants. He knows about such things

 

[Biker]

I like my question.

True or false? Spammers should be thrown into the darkest pits of hell and tortured mercilessly.

For some reason, it works well.