Spam is getting out of hand

Ben

Well-known member
With the forum spammers newest trick to post in already established threads instead of a new one, the forum gets less and less usable. I usually use the "New Posts" list to keep up with whats happening, but threads that were spammed are kept in that list even if the post is deleted, so that feature becomes practically useless. right now it show 59 new posts, 57 of these are spam. :(
I know this is none of my business, but I'd like to humbly request to re-discuss the policy regarding spammers.
Ben
 
No, unfortunately while the actual spam is getting whacked they are still flagging the thread as 'new' Unsure if there is a technical solution to that that won't cripple actual new joiners posting to relevant threads which is something I think is a good thing, since while it makes for zombies it also makes getting the attention of interested parties much easier when you find a similar bug or are trying to use a library.

Obviously the ideal solution would be the ability to un-new a thread when a user and all posts are removed by Robin but that depends on a reasonably clever forum software.
 
Last edited:
do the posts not disappear if you refresh the whats new button again?

GremlinWrangler is right, sadly this does not help. I even put the two accounts that the spammer(s) used on my ignore list, didn't help.

Edit: Well, now the "New Posts" list is free of spam, but I don't know wheter manual intervention by Robin or some forum mechanic is responsible
 
I see what you mean; when browsing around the forum, you see 'Last post by adsfdfdf' and upon viewing that thread, there is no post by that (presumably) spammer. Threads that show a post count of 2 actually have a post count of 1 and the thread is still marked as unread.
 
... but in the listing of new posts, the spam author is listed as last poster though ...
 
Another thing that's a little odd: I get reply notifications by mail for a thread i subscribed to (auto-subscribed by posting in the thread), but the new post is by this adsfdfdf guy who is on my ignore list. But the thread is not on the "New Posts" list, so that's a good thing.
 
I run a pretty big vBB based forum myself. We keep spammers out with custom profile fields that asks users to e.g. complete an idiom or some silly question ('white white white what does a cow drink? (water)). These questions are random. Most bots get stuck here, and if after a while some human has inputted the correct answers into the bot we can easily change the questions again.
 
Looks like a huge spam attack began shortly after 2AM Pacific time and lasted about 3 hours. Robin should be looking at this in a couple hours. Hopefully some more netblocks can block the source.

Over the last several months we've seen quite a lot of dormant spammer accounts. My guess is spammers are paying a low-wage service to register accounts by human effort, and then later using those accounts to spew spam. We already have the "Are You A Human" interactive game on the registration page. Unless they've made a bot that can get around the game, more questions at registration won't help.

Unfortunately, we are seeing the limits of the report post automatically moderating the spam. It's really just a small hack, not a well integrated feature designed into vBulletin. The forum still sends notification emails and still considers the thread "new". This is only a minor annoyance when it's a couple times a day. We just got hit with hundreds of messages, which is so much worse! If these kinds of attacks keep happening, I'll divert engineering to anti-spam measures. If it comes to that, I'm going to carefully look at data we collect and carefully consider solutions, rather than try more quick hacks.

Special thanks to mortonkopf, who went to the trouble to quickly report nearly all these spams, so the rest of us didn't have to see them! :)
 
As long as they're willing to pay humans, it's pretty difficult to stop spammers from registering.

I imagine that the more maintained bulletin systems may have built in remedies. Might be the call to upgrade...
 
Yes, still planning to migrate to xenforo. Realistically, that's not going to happen until after the Teensy++ 3.x board is released, and maybe not until after quite a few urgent software features it will need are completed.
 
I've gone through the spam that came in and found that the majority of the spam came from 2 users at the same IP address. The rest of the spam came from a 2nd IP address. I've blocked both IP addresses involved. Well, actually I banned 2 netblocks.

We are talking about what measures we can take to limit spammers yet not inconvenience legitimate users too much. It has alway been important to us that users who have questions be able register and post their question quickly.
 
Is it too cumbersome to disable self-registration and require a moderator to approve new users?

Yes, absolutely too cumbersome, and adds too much delay.

That only works for small forums with low activity levels, or very large forums with dedicated staff.
 
Is it feasible to make the forum update its database when reported posts get deleted, to have correct "New Posts" lists? I have a feeling the spam-reporting mechanism works well, but the forum software needs to handle the reported posts better by thoroughly wiping the posts from the database.
Ben
 
Is it feasible to make the forum update its database when reported posts get deleted, to have correct "New Posts" lists? I have a feeling the spam-reporting mechanism works well, but the forum software needs to handle the reported posts better by thoroughly wiping the posts from the database.
Ben

Given the current state of vbulletin development, my educated guess is 'no'. IRRC, vbulletin development has largely ceased and spawned forks like xenoforum.
 
perhaps it's possible by executing a simple sql - with a cron-job for example. Is this forum running on mysql?
I don't know the forum-software or the database-structure, but this should'nt be too hard.
Do you want me to dig a bit into this ? databases are my dayjob..

so..no codechange would be needed.
 
perhaps it's possible by executing a simple sql - with a cron-job for example. Is this forum running on mysql?

I.e. auto-sweep of the new messages to see if any of them contain links to the outside world? If yes, does the link point to a sporting event, contain the word streaming, etc? That might be a good work-around for the time being, i.e. until the next forum can be installed.

I wonder to what extent Baysian filters could be used in this application... i.e. for every confirmed spam, the filter is refined further to detect and contain spam. Works great for my inbox (i.e. SpamSieve).
 
Last edited:
I.e. auto-sweep of the new messages to see if any of them contain links to the outside world? If yes, does the link point to a sporting event, contain the word streaming, etc? That might be a good work-around for the time being, i.e. until the next forum can be installed.

I wonder to what extent boolean filters could be used in this application... i.e. for every confirmed spam, the filter is refined further to detect and contain spam. Works great for my inbox (i.e. SpamSieve).

Hm, that would need adjusting the sqls every time the spam changes..
I was referring to the issues above, something more simple, to adjust the new posts and last user display.
 
Frank, you know and will forget more about SQL than I will ever learn (though I'd like to implement a SQL DB for work)

As for moderating the first post, I don't think that helps as long as they use humans to break the entry codes. All it does is increase the cost a teeny tiny bit. For the sake of Paul, Robins sanity, I was hoping for a system that can detect forum postings that follow certain patterns, much like my spam filter for e-mail. SpamSieve is pretty amazingly good and I hope that whatever Paul wants to settle on in a next forum will allow Baysian (sorry, not boolean!) filtering to do much of the heavy lifting for them.

Similarly, if the filtration system detects multiple posts with very similar content, that should also spring a flag leading to an auto-ban on strike 3, or whatever threshold PJRC.com wants to set.

If I were in their shoes, I'd be looking at the above possibilities when looking for a vbulletin replacement.
 
I've seen/used other forums near this one's scale... and they rely on a few moderators, to include vetting the new users' first post or first 24 hours or some such.
It works because of good people and delegation of authority.
 
Agreed. Paul has mentioned that he and Robin were considering putting together a moderator group. That may yet happen. We seem to have enough people willing to volunteer...
 
Back
Top