Spamming of PHP forums
Per Ardua ad Astraeus
Thread Starter
Join Date: Mar 2000
Location: UK
Posts: 18,579
Likes: 0
Received 0 Likes
on
0 Posts
Spamming of PHP forums
I am experiencing a sudden spate of 'spam' attempts at registration on two PHPBB3 forums I run, one 'private' and one 'public'. The support forums indicate this is an increasing phenomenen. Most of the registrations seem to originate on Russian servers.
Obvious steps have been taken to 'repel boarders' but this is a heads up for anyone else using the system. A normal graphic 'captcha' does not seem to be stopping it and currently a mathematical one is - I guess we are looking at 'humans' with poor mathematical skills?
Obvious steps have been taken to 'repel boarders' but this is a heads up for anyone else using the system. A normal graphic 'captcha' does not seem to be stopping it and currently a mathematical one is - I guess we are looking at 'humans' with poor mathematical skills?
Join Date: Feb 2000
Location: asia
Posts: 542
Likes: 0
Received 0 Likes
on
0 Posts
I can say from experience that there seems to be a small army of real people based somewhere in China who seem to spend all day trying to register logons with the express intent of spamming.
Official PPRuNe Chaplain
Join Date: Apr 2001
Location: Witnesham, Suffolk
Age: 80
Posts: 3,498
Likes: 0
Received 0 Likes
on
0 Posts
Tell me about it!
Captcha doesn't work in its "normal" form. What did work for a couple of years was a non-standard polkadot "type what you see" - a bit like the Ishihara plates. They've now sussed that.
What I've done now is to add a couple of non-standard fields to the registration screen (easy to do via the ACP) and made them mandatory. That seems to slow down the rate of spam registration. If the entries in those fields aren't valid, I know to delete the account forthwith. I still have to look at them, though.
I also ban any IP range that offends - initially the first two blocks (eg 92.138.*.*) but eventually just the first block if it continues. I seem to have banned Russia and China pretty much in total, but that technique doesn't work well with botnets.
There's mounds of stuff about this on the phpBB Forum.
I'm also getting far more spam into the Spamcop junkbox these past few weeks - it's up to 12 an hour during the Russian daytime now. The daft thing is that it's the same half dozen spams most of the time. That plonker advertising for west-europe-consulting must write to his victims every half hour.
Captcha doesn't work in its "normal" form. What did work for a couple of years was a non-standard polkadot "type what you see" - a bit like the Ishihara plates. They've now sussed that.
What I've done now is to add a couple of non-standard fields to the registration screen (easy to do via the ACP) and made them mandatory. That seems to slow down the rate of spam registration. If the entries in those fields aren't valid, I know to delete the account forthwith. I still have to look at them, though.
I also ban any IP range that offends - initially the first two blocks (eg 92.138.*.*) but eventually just the first block if it continues. I seem to have banned Russia and China pretty much in total, but that technique doesn't work well with botnets.
There's mounds of stuff about this on the phpBB Forum.
I'm also getting far more spam into the Spamcop junkbox these past few weeks - it's up to 12 an hour during the Russian daytime now. The daft thing is that it's the same half dozen spams most of the time. That plonker advertising for west-europe-consulting must write to his victims every half hour.
Join Date: Jan 2008
Location: Bracknell, Berks, UK
Age: 52
Posts: 1,133
Likes: 0
Received 0 Likes
on
0 Posts
I'm also getting far more spam into the Spamcop junkbox these past few weeks - it's up to 12 an hour during the Russian daytime now. The daft thing is that it's the same half dozen spams most of the time. That plonker advertising for west-europe-consulting must write to his victims every half hour.
Incidentally, that west europe consulting is more like every half millisecond.
Controversial, moi?
This week (well, from Thursday last week) there's been a big rise in spam
I thought it was just me. Spam is the scourge of the internet.
Official PPRuNe Chaplain
Join Date: Apr 2001
Location: Witnesham, Suffolk
Age: 80
Posts: 3,498
Likes: 0
Received 0 Likes
on
0 Posts
My "private" e-mail address gets two or three e-mails a day from friends and the like.
If the numbers I noted on my pad are right, in the last 23 days I've received 3,779 spams. That's 165 a day or 98% of all incoming e-mail. I would guess that ratio isn't far different from the general population of non-spamming internet users.
Disconnecting Russia, China and Nigeria from the internet would probably reduce that dramatically.
If the numbers I noted on my pad are right, in the last 23 days I've received 3,779 spams. That's 165 a day or 98% of all incoming e-mail. I would guess that ratio isn't far different from the general population of non-spamming internet users.
Disconnecting Russia, China and Nigeria from the internet would probably reduce that dramatically.
Official PPRuNe Chaplain
Join Date: Apr 2001
Location: Witnesham, Suffolk
Age: 80
Posts: 3,498
Likes: 0
Received 0 Likes
on
0 Posts
Don't they ever! They show how much of a problem it is when one good e-mail is misdirected in among several hundred spams. Spamcop gets about one wrong in three months despite those ^ numbers.
Join Date: Aug 2002
Location: Earth
Posts: 3,663
Likes: 0
Received 0 Likes
on
0 Posts
I can say from experience that there seems to be a small army of real people based somewhere in China who seem to spend all day trying to register logons with the express intent of spamming.
It's not people and it's not just China. It's just one of the botnets.
Join Date: Jan 2008
Location: Bracknell, Berks, UK
Age: 52
Posts: 1,133
Likes: 0
Received 0 Likes
on
0 Posts
Email Statistics [inbound]
Total Day Hour
Blocked 41,430,639 5,925 329
Blocked: Virus 29,524 2 0
Rate Controlled 2,106,738 5,682 9
Quarantined 1,050 0 0
Allowed: Tagged 161,514 47 3
Allowed 4,042,383 2,078 213
Total Received 47,771,848 13,734 554
Per Ardua ad Astraeus
Thread Starter
Join Date: Mar 2000
Location: UK
Posts: 18,579
Likes: 0
Received 0 Likes
on
0 Posts
An update on spamming of PHP forums (ie the thread!..................)
Since implementing a 'simple maths registration captcha' mod on 19/2 I have not had a single 'spam' registration. (Yet...)
Since implementing a 'simple maths registration captcha' mod on 19/2 I have not had a single 'spam' registration. (Yet...)
Official PPRuNe Chaplain
Join Date: Apr 2001
Location: Witnesham, Suffolk
Age: 80
Posts: 3,498
Likes: 0
Received 0 Likes
on
0 Posts
They do help ... but have you checked (by trying to register in a new name) if it's blocking everything, even legit attempts to register?
)
