Announcement

Collapse
No announcement yet.

We don't fight spammers... We welcome them! Then bury them in a mass grave!

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • We don't fight spammers... We welcome them! Then bury them in a mass grave!

    We had the ubiquitous problem with dozens of African, Indian and Russian spammers registering on our site for months. At the time we were still running old versions of vb and vbportal and had few tools at our disposal to block spammers. However, months of watching and studying them and taking them out manually taught us things we used later to automate the trapping and elimination of Indian, African, and Russian spammers soon after they arrive.

    First, we designed our portal so no one can POST unless they are a registered member. We didn't care about browsing the site. We have nothing to hide and visitors are free to browse as much as they want. But when it comes to POSTING they MUST be registered.

    Then we use the registration control features of vbulletin to require that every registered user MUST be email verified before they can post and we also enforce the rule that says no registered email address can be be re-used by anyone. In short, every user must have a verified email address and we don't allow any two users to have the same email. This makes it MUCH harder for spammers. They can't post if they don't provide a good email and if they registered with a valid email but got banned or blocked from posting, then they'll have to go somewhere and create a NEW email address before they can register and post again.

    There are other tools in our toolbox as well. On our site we never actually REMOVE users. The way we see it, if they've found our site and took the time to register, we don't ever want to forget them OR (more importantly) the email address they used. Instead, if they found their way here but we consider them "potential spammers" we have a special usergroup we move them to that's designed just for them... it lets them look as much as they like but prevents them from posting anywhere.

    So now, we've got them by the short hairs... They can look but they can't post. And if they try to re-register, their email address is already in our database and they discover they're unable to use that address again. So they must either lie to us and give us a phony email OR they must go somewhere and create a new email addy before they can register again. If they lie to us about their email address, then they can never verify that account... and if they can't verify, they can't post. What a terrible dilemma...

    As far as cleanup of the "users awaiting confirmation group", we automated that too. What we did was wrote a custom script that runs on a cron and uses a combination of various factors to identify users who were clearly not visiting us because they love our regional art. Since we don't see many Russian, Indian, or African tourists wandering our galleries or buying our art locally, we figure they're not likely to suddenly begin buying our art online either and conclude they're probably visiting for some other reason. When our script spots one of these "probable spammers", it does NOT remove the user. Instead it quietly moves them to that special User Group I mentioned earlier. In that group they enjoy the same permissions as their brethern... They can look but they cannot touch.

    Oh and for the record, that script we wrote runs every 12 minutes 24x7x365. Thus they have an average of 6 minutes from the time they register to confirm their email. Because if they're still sitting in that "Users Awaiting Email Confirmation" user group the next time our script passes by and they match our selection criteria, they're on their way to "Foreign User Coventry" before they ever know what hit them.

    Those *SPLAT* sounds visitors sometimes hear on our site are the sounds of Russian, Indian and African spammers hitting the concrete wall as they slide at high speed down the entry chute into coventry... They hit that wall moments after their jewels pass over our nads cutting bar where they enter the realm of the eternal eunuch... ROFL!

    I know my words and the technique we devised are crude; but they do work. Fortunately, the Geneva Conventions don't yet cover the mistreatment of cyberwar combatants... That leaves us free to mistreat them any way we like and no one seems to mind!

    Hope these tips and techniques help someone else...
    Last edited by websissy; Sat 4 Oct '08, 10:18am.

  • #2
    For more info on How to Reduce Spam and Registration Bots check this link.

    Comment


    • #3
      Yes, Floris... I read the post you provided the link to and understood exactly what it recommended before I made my post. Furthermore, we don't take exception with ANYTHING you've said except that we do extend the email verification requirement to block duplicate registrations using the same email address.

      However, your methods are all focused on trying to keep the spammers out to begin with, our approach extends your strategy to include how to identify the ones who make it inside before they begin spamming our site and what to do with them once you find them there.

      Your approach does NONE of that. It instead assumes none of them make it through the door to begin with. Our technique is designed to detect and disable those who manage to sneak past our defense perimeter.

      We know it's proving effective AND that it frustrates the spamborgs because we've started seeing new members named StudyTimeMachine, BeatTheClock, etc. In short, they KNOW what we're doing; but haven't figured out a way to beat us at this new game yet. Part of the reason for that is we're not using a single defense... we're deliberately combining several. That makes the challenge our adversaries face FAR more difficult than merely "beating the clock".

      God help us ALL if they ever do!
      Last edited by websissy; Sun 5 Oct '08, 8:04am.

      Comment


      • #4
        Sorry, but Email-Verification is standard. When I read your post I thought you must be someone who just got to know the internet.
        selling kawaiiNation.com

        Comment


        • #5
          Originally posted by Lenni View Post
          Sorry, but Email-Verification is standard. When I read your post I thought you must be someone who just got to know the internet.
          You're right, Lenni. I "just got to know the internet"... back in 81. I've been a student since then and 27 years have taught me a few things -- including the fact that it's not always wise to use your weapons where your enemies can see them or explain precisely how they work. They'll figure out ways to outwit your defenses soon enough. Meanwhile it's best to keep your war waging methods AND your weapons as secret as possible.

          Comment


          • #6
            use stealth then LOL

            Comment


            • #7
              Precisely...

              Comment


              • #8
                Security by obscurity is definately the way forward. We are mean to the vBulletin team about spam, but just about anything they can implement can be broken by a robot. Even answers to question and answer verification might be solved and added to a database for the spammers to use.

                Takes me a heck of a lot of time to figure out how to code anything new and original, but combining mods from vbulletin.org is very successsful for the small minority of forum owners who know to do that. Those mods are obscure in their own right. The majority of forum owners relying on standard software must be having a tough time at the moment.

                Comment


                • #9
                  Originally posted by vord View Post
                  The majority of forum owners relying on standard software must be having a tough time at the moment.
                  That's why I opened this thread, Vord. My goal wasn't so much to describe the details of a solution as to suggest a different way to define and attack the problem -- the same sort of Kobayashi Maru maneuver Admiral Kirk would have devised.

                  Comment

                  widgetinstance 262 (Related Topics) skipped due to lack of content & hide_module_if_empty option.
                  Working...
                  X