Wikiposts
Search
Computer/Internet Issues & Troubleshooting Anyone with questions about the terribly complex world of computers or the internet should try here. NOT FOR REPORTING ISSUES WITH PPRuNe FORUMS! Please use the subforum "PPRuNe Problems or Queries."

Spamming of PHP forums

Thread Tools
 
Search this Thread
 
Old 19th Feb 2011, 07:37
  #1 (permalink)  
Per Ardua ad Astraeus
Thread Starter
 
Join Date: Mar 2000
Location: UK
Posts: 18,579
Likes: 0
Received 0 Likes on 0 Posts
Spamming of PHP forums

I am experiencing a sudden spate of 'spam' attempts at registration on two PHPBB3 forums I run, one 'private' and one 'public'. The support forums indicate this is an increasing phenomenen. Most of the registrations seem to originate on Russian servers.

Obvious steps have been taken to 'repel boarders' but this is a heads up for anyone else using the system. A normal graphic 'captcha' does not seem to be stopping it and currently a mathematical one is - I guess we are looking at 'humans' with poor mathematical skills?
BOAC is offline  
Old 19th Feb 2011, 10:02
  #2 (permalink)  
 
Join Date: Feb 2000
Location: asia
Posts: 542
Likes: 0
Received 0 Likes on 0 Posts
I can say from experience that there seems to be a small army of real people based somewhere in China who seem to spend all day trying to register logons with the express intent of spamming.
stickyb is offline  
Old 19th Feb 2011, 11:57
  #3 (permalink)  

Official PPRuNe Chaplain
 
Join Date: Apr 2001
Location: Witnesham, Suffolk
Age: 80
Posts: 3,498
Likes: 0
Received 0 Likes on 0 Posts
Tell me about it!

Captcha doesn't work in its "normal" form. What did work for a couple of years was a non-standard polkadot "type what you see" - a bit like the Ishihara plates. They've now sussed that.

What I've done now is to add a couple of non-standard fields to the registration screen (easy to do via the ACP) and made them mandatory. That seems to slow down the rate of spam registration. If the entries in those fields aren't valid, I know to delete the account forthwith. I still have to look at them, though.

I also ban any IP range that offends - initially the first two blocks (eg 92.138.*.*) but eventually just the first block if it continues. I seem to have banned Russia and China pretty much in total, but that technique doesn't work well with botnets.

There's mounds of stuff about this on the phpBB Forum.

I'm also getting far more spam into the Spamcop junkbox these past few weeks - it's up to 12 an hour during the Russian daytime now. The daft thing is that it's the same half dozen spams most of the time. That plonker advertising for west-europe-consulting must write to his victims every half hour.
Keef is offline  
Old 19th Feb 2011, 13:57
  #4 (permalink)  
 
Join Date: Jan 2008
Location: Bracknell, Berks, UK
Age: 52
Posts: 1,133
Likes: 0
Received 0 Likes on 0 Posts
Originally Posted by Keef
I'm also getting far more spam into the Spamcop junkbox these past few weeks - it's up to 12 an hour during the Russian daytime now. The daft thing is that it's the same half dozen spams most of the time. That plonker advertising for west-europe-consulting must write to his victims every half hour.
This week (well, from Thursday last week) there's been a big rise in spam. I suspect a new botnet's gone live.

Incidentally, that west europe consulting is more like every half millisecond.
Mike-Bracknell is offline  
Old 19th Feb 2011, 14:42
  #5 (permalink)  

Controversial, moi?
 
Join Date: Oct 2000
Location: UK
Posts: 1,607
Likes: 0
Received 2 Likes on 1 Post
This week (well, from Thursday last week) there's been a big rise in spam
My Hotmail address which I use for when I do not want to use my relatively clean main address has seen a massive rise in the spam I usually get. Like close to ten new spam e-mails an hour. All the links in the e-mails end in .ru

I thought it was just me. Spam is the scourge of the internet.
M.Mouse is offline  
Old 19th Feb 2011, 23:25
  #6 (permalink)  

Official PPRuNe Chaplain
 
Join Date: Apr 2001
Location: Witnesham, Suffolk
Age: 80
Posts: 3,498
Likes: 0
Received 0 Likes on 0 Posts
My "private" e-mail address gets two or three e-mails a day from friends and the like.

If the numbers I noted on my pad are right, in the last 23 days I've received 3,779 spams. That's 165 a day or 98% of all incoming e-mail. I would guess that ratio isn't far different from the general population of non-spamming internet users.

Disconnecting Russia, China and Nigeria from the internet would probably reduce that dramatically.
Keef is offline  
Old 20th Feb 2011, 07:07
  #7 (permalink)  
More bang for your buck
 
Join Date: Nov 2005
Location: land of the clanger
Age: 82
Posts: 3,512
Likes: 0
Received 0 Likes on 0 Posts
Those figures rather put hotmail misidentifying spam into perspective.
green granite is offline  
Old 20th Feb 2011, 07:39
  #8 (permalink)  

Official PPRuNe Chaplain
 
Join Date: Apr 2001
Location: Witnesham, Suffolk
Age: 80
Posts: 3,498
Likes: 0
Received 0 Likes on 0 Posts
Don't they ever! They show how much of a problem it is when one good e-mail is misdirected in among several hundred spams. Spamcop gets about one wrong in three months despite those ^ numbers.
Keef is offline  
Old 21st Feb 2011, 07:29
  #9 (permalink)  
 
Join Date: Aug 2002
Location: Earth
Posts: 3,663
Likes: 0
Received 0 Likes on 0 Posts
I can say from experience that there seems to be a small army of real people based somewhere in China who seem to spend all day trying to register logons with the express intent of spamming.

It's not people and it's not just China. It's just one of the botnets.
mixture is offline  
Old 21st Feb 2011, 09:23
  #10 (permalink)  
 
Join Date: Jan 2008
Location: Bracknell, Berks, UK
Age: 52
Posts: 1,133
Likes: 0
Received 0 Likes on 0 Posts
Originally Posted by green granite
Those figures rather put hotmail misidentifying spam into perspective.
Here's the figures from my Barracuda spam appliance, protecting 516 users so far. Sorry about the formatting, there are 3 columns of numbers. That should put things more into perspective about the fight against spam (the "total" figure is the total of emails kept in the rolling logs):

Email Statistics [inbound]

Total Day Hour
Blocked 41,430,639 5,925 329
Blocked: Virus 29,524 2 0
Rate Controlled 2,106,738 5,682 9
Quarantined 1,050 0 0
Allowed: Tagged 161,514 47 3
Allowed 4,042,383 2,078 213
Total Received 47,771,848 13,734 554
Mike-Bracknell is offline  
Old 21st Feb 2011, 14:33
  #11 (permalink)  
Per Ardua ad Astraeus
Thread Starter
 
Join Date: Mar 2000
Location: UK
Posts: 18,579
Likes: 0
Received 0 Likes on 0 Posts
An update on spamming of PHP forums (ie the thread!..................)

Since implementing a 'simple maths registration captcha' mod on 19/2 I have not had a single 'spam' registration. (Yet...)
BOAC is offline  
Old 21st Feb 2011, 16:59
  #12 (permalink)  

Official PPRuNe Chaplain
 
Join Date: Apr 2001
Location: Witnesham, Suffolk
Age: 80
Posts: 3,498
Likes: 0
Received 0 Likes on 0 Posts
They do help ... but have you checked (by trying to register in a new name) if it's blocking everything, even legit attempts to register?
Keef is offline  
Old 21st Feb 2011, 17:53
  #13 (permalink)  
Per Ardua ad Astraeus
Thread Starter
 
Join Date: Mar 2000
Location: UK
Posts: 18,579
Likes: 0
Received 0 Likes on 0 Posts
No - it's working just fine, but a good thought! (What else from a 'rev'?)
BOAC is offline  

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off



Contact Us - Archive - Advertising - Cookie Policy - Privacy Statement - Terms of Service

Copyright © 2024 MH Sub I, LLC dba Internet Brands. All rights reserved. Use of this site indicates your consent to the Terms of Use.