Spamy Spamy Spam Spam Spam


trentino

Member
After 12 years, the spammers have finally come for us! Thanks to those who alerted me to this situation. I've deleted the messages so far but I imagine there's more to come.

Here's what I'm thinking...
- I'll start giving folks moderator privileges to delete offending posts. I've started with MakeMineMusic but will look to make others moderators also if necessary.
- If it really gets out of hand, moderators deleting posts after the fact may not help much. The software installed doesn't seem to have a CAPTCHA feature requiring people to type in a code before posting.
- I've been considering transitioning these boards over to my new Disney social networking site: DisFriends.com. I would create a special "Magical Music of the Mouse" Group there that people could join and point MagicMusic.net to it. Ken (MakeMineMusic) is an active member there. The site has a HUGE number of benefits over this site including custom profile pages (including having music tracks that can be listened to and videos). My hesitation with doing this is that it will open the group up to a lot more everyday (non-hardcore) Disney music fans. So we'll see a lot more posts like "What's your favorite song". This is why I have resisted the move so far. But if it's a choice between sharing our forum with porn spammers or "novice" disney music fans well I think I know the answer to that.

Any comments folks?

Trent
 

Horizons

Playlist Author
Would all of the old posts be transferred over? I know the last time this site was upgraded, we lost a lof of good historical information. I would hate to lose the rest of it.
 
You could make "What's your favorite song?" its own thread. Lounges for Die-hards, Hardcores, Toots, Whistles, Plunks, and Booms. I think it sounds supercalifragilisticexpialidocious.

By the way, mine is "In a World of My Own."
 

Magic Music

Administrator
Playlist Author
The software installed doesn't seem to have a CAPTCHA feature requiring people to type in a code before posting.
It wouldn't help. The Spambots have recently implemented OCR (Optical Character Recognition) technology that is helping them circumvent most forms of CAPTCHA. Remember, this forum does use CAPTCHA during the registration process, and it managed to stop none of the Spambots from opening accounts.

Some websites are having luck with the more powerful reCAPTCHA system, but most are finding that the only way they can currently win the battle against the Spambots is to implement a verification system that asks a random question that only a human could answer, instead of using image verification.

An easy question like "What is Walt's last name?" or "Disneyland is located in what state?" manages to stop the Spambots dead in their tracks. This is because the Spambots are using scripts that couldn't possibly know the answer.

In some cases, the spammers are using low-paid workers in China, Russia, India, etc., to help guide the scripts along, but they have difficulty reading English, and even when they can, they usually have no clue as to what a correct answer might be. It is easier for them to move on to another victim at that point.

I've had zero problems with Spambots since implementing random questions on my forums.
 

eyore

DLRP explorer
Playlist Author
On the subject of archives, would it be possible (if all else fails and it's not possible to move them) to lock the present site to new posts but still retain the archives here?
I really like that idea of a simple question.
Not "what's the third track in the WDW Frontierland BGM?" though. ;)
 

eyore

DLRP explorer
Playlist Author
Unless someone really wants the Tee shirt, there's another spam on the next forum down. ;)
 

Magic Music

Administrator
Playlist Author
Trent,

You need to make sure that you have a Co-Admin or Mod who is able to delete member accounts. You have killed spam postings, but you have not killed the accounts that created the spam:

DeteLilkseild
OemDownloadOemSoftware
Rhypebrer
Dymnmalmida
XYTyler
role-models
CialisBilligKaufen
gaduagsannoca
DownloadOemSoftw
Zookhefepharf

Etc., etc., etc.

Like Arnold, they will be back.
 
I need to check the "delete" function of moderation role. Can someone post a message in this thread with "OK to Delete" in it.

Bill said:
"deleting offensive posts"...I guess my days on here are numbered.
lol, no worries Bill. ;)
 

trentino

Member
Will removing the accounts really make a difference? My thought is that once they've spammed here once they aren't going to come back with the same username -- they just aren't programmed to do that. But that's just a guess. I see if I can give the moderators ability to delete accounts.
 

Magic Music

Administrator
Playlist Author
Will removing the accounts really make a difference? My thought is that once they've spammed here once they aren't going to come back with the same username -- they just aren't programmed to do that.
Trent, on my forums the same accounts kept coming back and trying to log on. In the long run, no, it won't make a difference, as they will attempt to register new accounts once they find their old accounts have been deleted. It's nice not to have your member directory flooded with phony accounts, though. There are forum members who actually use the directory for legitimate purposes.

Hey, while you're here... PMs have been broken for several weeks:

Code:
8: Undefined offset: 0
   File: /home/magicmus/public_html/discuss/Sources/PersonalMessage.php
   Line: 168
 

almandot

Member
Another easy hurdle to put spambots through is something like if they have under 5 posts they can't create a new thread.
 

Tannerman

Member
Personally, I'd like to see this community remain separate from what you have going on over at the Ning/DisFriends platform. The dynamics would change greatly if they were merged.
 

Magic Music

Administrator
Playlist Author
Another easy hurdle to put spambots through is something like if they have under 5 posts they can't create a new thread.
This depends on the forum software and the capabilities of the Spambots that are attacking it. In many cases, the Spambots appear to be able to get around various forum permissions.

I've got one of my forums set to require a manual upgrade to a different member group before anyone can post anything, and yet one of the Spambots was able to leave a post without my upgrading its account.

Most forums have HTML posts turned off completely, or available only to Admins, and yet you see full HTML spam being posted all over the place.

It's obvious that the Spambot programmers have studied the inner workings of the more popular forum and blogging software packages.

Personally, I'd like to see this community remain separate from what you have going on over at the Ning/DisFriends platform. The dynamics would change greatly if they were merged.
Agreed.
 

Tannerman

Member
I've had some success working with clients using vBulletin on some pretty high traffic forums to get around the spammer issue. Pigs is right... you can't totally prevent it, but certain plug-ins and platforms do a nice job of reducing the problem.
 
Well I see a lot of new users (about 30 in last 48hrs, all spambots) but no new post. I have not been able to delete these as of yet. I get an error that looks like the PM one we are getting.
 

eyore

DLRP explorer
Playlist Author
Spam alert for the music from the parks forum. :angry:
Unless anyone actually wants or needs the stuff - any takers? :D
 

Top