Announcement

Collapse
No announcement yet.

How to stop spam!

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • loaf
    replied
    There are also suggestions here:
    http://www.vbulletin.com/forum/showthread.php?t=211647

    Leave a comment:


  • Greeksgal
    replied
    Thanks for all this information. I was going to download the NoSpam, but have decided not to.

    I get a TON of e-mail spam every day, so I will change my webmaster's e-mail to text with spaces. Also, to help deter forum spam, I will change CAPTCHA fonts to ManagerJosh's recommended fonts.

    Let's see what happens...

    Leave a comment:


  • Wayne Luke
    replied
    Its both... There are bot programs but the new thing is to have actual people do registrations and then one of two things happens. One, they get the account ready so a bot can then go spam the heck out of things. Or two, different people get paid to judiciously spam the site.

    Leave a comment:


  • somedevil
    replied
    Originally posted by Wayne Luke View Post
    If I was going to pay someone in India the average of 10 cents per registration, I would expect them to use standardized answers everywhere. Then you can use something like Roboform or Google's Toolbar to automatically pretty much everything in.

    If they don't validate their email then why allow them to post spam on your forums? or anything at all for that matter? Of course the new thing is to have unvalidated accounts sitting there with URLs in the fields for spiders to pick up on. Which is why I don't let spiders into member profiles.
    So you're saying there are people behind these registrations and not bots? I didn't think that was the case, but obviously I was wrong about that. I don't let them post at all actually as I moderate registrations, though for reasons other than these spammers.

    Leave a comment:


  • offline
    replied
    I have use the Akismet hack on vb.org to help filter 99.9% of the spam on my forum, its only drawback is that it takes my time in deleting moderated garbage posts.

    Leave a comment:


  • antiekeradio
    replied
    user defined questions with a relation to the subject of the board which have to be answered correctly.

    ofcourse, this has downsides, but it wil NOT be 'cracked'.

    Leave a comment:


  • ManagerJosh
    replied
    Originally posted by RedTyger View Post
    The problem with that is when you're logging into your bank, you're already a member and already have your secret word registered. Without that, it's just not effective. "Pick the X, X and X characters, or all numbers, or all letters, out of a given string" could easily be cracked by a bot although if the string were a good CAPTCHA then it wouldn't be so.

    The trouble with any CAPTCHA is that as soon as it gets popular it'll be targetted and likely cracked. That's really very easy to be honest. The real challenge is not coming up with a CAPTCHA technique, but one that'll survive widespread examination.
    I'm interested in hearing how that would be possible, especially when the CAPTCHA is Image Based.

    Leave a comment:


  • RedTyger
    replied
    Originally posted by Ionsurge View Post
    With my online bank account, instead of typing in a verification code, it asks to enter three random letters from the image, e.g. the 1st, 4th, and 5th, etc.

    Surely that's a better way to go around anything automated? They take it to another level by having you select them from a drop-down menu containing the letters a-z, and numbers 0-9 too.
    The problem with that is when you're logging into your bank, you're already a member and already have your secret word registered. Without that, it's just not effective. "Pick the X, X and X characters, or all numbers, or all letters, out of a given string" could easily be cracked by a bot although if the string were a good CAPTCHA then it wouldn't be so.

    The trouble with any CAPTCHA is that as soon as it gets popular it'll be targetted and likely cracked. That's really very easy to be honest. The real challenge is not coming up with a CAPTCHA technique, but one that'll survive widespread examination.

    Leave a comment:


  • joeychgo
    replied
    Originally posted by KeithMcL View Post
    Does anyone think reCAPTCHA might be a good solution to stop spam?
    Read the article I posted above -- it has a captcha hack from vb.org and it works very well.




    Leave a comment:


  • KeithMcL
    replied
    Does anyone think reCAPTCHA might be a good solution to stop spam?

    Leave a comment:


  • ManagerJosh
    replied
    A drop down is merely a form. If a bot can register, it can do a form with no problem.

    If I wasn't clear originally, it was that people are moving towards Image based CAPTCHAs that have 6 or 8 alphanumeric characters and required to type in all the letters in the CAPTCHA or all the numberes in the CAPTCHA

    Leave a comment:


  • Ionsurge
    replied
    Originally posted by ManagerJosh View Post
    I think that's how things are going. I've been seeing stuff like that and like selecting all letters from a string, or selecting all numbers from a string.
    Bare in mind, the verification images contain both random letters and images, and then if you are asking for a random mix of letters to be selected from 3 drop down boxes, the requested selection can be alphanumerical. Being selected from a drop down box would also eliminate a script from doing it and require human interaction?

    Leave a comment:


  • ManagerJosh
    replied
    I think that's how things are going. I've been seeing stuff like that and like selecting all letters from a string, or selecting all numbers from a string.

    Leave a comment:


  • Ionsurge
    replied
    With my online bank account, instead of typing in a verification code, it asks to enter three random letters from the image, e.g. the 1st, 4th, and 5th, etc.

    Surely that's a better way to go around anything automated? They take it to another level by having you select them from a drop-down menu containing the letters a-z, and numbers 0-9 too.

    Leave a comment:


  • Wayne Luke
    replied
    Originally posted by somedevil View Post
    I highly doubt these are human registrations because they all share common characteristics in that all the required fields are entered the exact same way...Not to mention the fact that they rarely ever validate e-mail address, which a human spammer would do.
    If I was going to pay someone in India the average of 10 cents per registration, I would expect them to use standardized answers everywhere. Then you can use something like Roboform or Google's Toolbar to automatically pretty much everything in.

    If they don't validate their email then why allow them to post spam on your forums? or anything at all for that matter? Of course the new thing is to have unvalidated accounts sitting there with URLs in the fields for spiders to pick up on. Which is why I don't let spiders into member profiles.

    Leave a comment:

Related Topics

Collapse

Working...
X