Page 143 of 330
Reporting NON-spam
Posted: Sun Feb 13, 2011 5:01 am
by CheeseRedux
*
Being up early (or late) and all that, I came across a new registration: EnenrydEseend -
https://bb.oolite.space/memberlist.php?m ... ile&u=4703
Being naturally skeptical of new accounts with websites, especially websites in foreign alphabets, I fired up the old translator. As far as I can tell it's mostly about the Russian National Rugby Team, and as such no cause for concern. Just thought I'd share the fruits of my labour to save anyone else from doing the same digging. Unless of course you'd like to read about Russian rugby.
If such negative spam reporting is undesired, feel free to delete.
Edit:
Immediately after posting, I noticed this on the previous page:
I never saw the first registration, so I don't know what triggered the katana. Based on what I can see, I still stand by my original assessment, though.
Re: Reporting spam
Posted: Sun Feb 13, 2011 7:13 am
by CheeseRedux
*
On the other hand...
cycleckounc -
https://bb.oolite.space/memberlist.php?m ... ile&u=4708
Peddling pharmaceuticals. Purge, please.
Re: Reporting spam
Posted: Sun Feb 13, 2011 10:51 am
by Smivs
Re: Reporting NON-spam
Posted: Sun Feb 13, 2011 11:35 am
by Disembodied
CheeseRedux wrote:Being naturally skeptical of new accounts with websites, especially websites in foreign alphabets, I fired up the old translator. As far as I can tell it's mostly about the Russian National Rugby Team, and as such no cause for concern.
[...]
If such negative spam reporting is undesired, feel free to delete.
I think the trick these bots try to pull is they set up a profile with a random but innocent website: then they come back at a later date and edit the profile to point somewhere else.
Re: Reporting NON-spam
Posted: Sun Feb 13, 2011 12:20 pm
by CheeseRedux
Disembodied wrote:I think the trick these bots try to pull is they set up a profile with a random but innocent website: then they come back at a later date and edit the profile to point somewhere else.
If that is the case, they certainly work hard for their money - or at least multitask a lot.
The account in question was logged on for over an hour after creation (or came back on an hour after, which to me seems a strange way of doing it; if you're gonna cloak for a bit, why just an hour?), and given the fact that the same username was killed on the previous page, why would you try any cleverness at all? Why not just register and immediately spread your spam? Maybe I'm just assigning too much detail-orientedness to it. After all, it may it may have gotten killed so quickly the first time that aegidian.org didn't get ticked off on the list.
Anyway, about 3.5 weeks ago,
Thargoid wrote:We have a hack on aforementioned other board that new user posts do not appear until approved by a moderator or admin (and a maximum of I think 6 posts can be made per account and held in the approval queue).
It adds a little extra work for we mods, but it works very well in stopping normal users from seeing any kind of spam (presuming we don't approve something or someone by mistake of course). And once a post has been approved for a given account, then no further approval is needed for subsequent posts.
I would recommend it as a consideration if some new security measures are desired.
With the steady influx of spambots we've been seeing since the switch to v3, I think something like this should be seriously considered. With the majority of people here being in timezones close to GMT, there is a real possibility of undesired posts staying up for 6-8 hours before anyone with a katana could get to them. The only real downside I can see to filtering first post through a human being (aside from the work involved) is the same geographical spread; posts might sit for a few hours before getting cleared. On the other hand, if there's no one to let it through, there's also likely to be no one around to reply, anyway. (And if someone gets offended when they get a message along the lines of "In order to ensure a spam-free board, your first message has been placed in a queue awaiting approval by one of our administrators. As most of them live in Europe, this may take a few hours if you posted during European nighttime. We apologize for any inconvenience." I, for one, quite frankly think they'd be better off staying on the
unfriendly side of Riedquat.) I've no clue how the inner workings of the bb function, but if it's possible to give admin powers limited to just 1st post approval, we might find someone to cover the other timezones without getting into a situation with too many cooks.
Re: Reporting NON-spam
Posted: Sun Feb 13, 2011 12:40 pm
by Disembodied
CheeseRedux wrote:If that is the case, they certainly work hard for their money - or at least multitask a lot.
The account in question was logged on for over an hour after creation (or came back on an hour after, which to me seems a strange way of doing it; if you're gonna cloak for a bit, why just an hour?), and given the fact that the same username was killed on the previous page, why would you try any cleverness at all? Why not just register and immediately spread your spam? Maybe I'm just assigning too much detail-orientedness to it. After all, it may it may have gotten killed so quickly the first time that aegidian.org didn't get ticked off on the list.
I think that not all spambots are designed to actually spread spam: some are just link-farmers. There's often no intention to use the profile to post crap here; it's just there to create a link to the site being pumped.
http://en.wikipedia.org/wiki/Forum_spam#Types_of_spam
Re: Reporting spam
Posted: Sun Feb 13, 2011 12:43 pm
by Disembodied
*
Speak of the devil:
getCreart:
https://bb.oolite.space/memberlist.php?m ... ile&u=4722
Strong suspicions here. Admittedly based on the name only, but ...
Re: Reporting NON-spam
Posted: Sun Feb 13, 2011 12:50 pm
by CheeseRedux
'twould appear there is more to this than meets the eye. But someone ought to tell these guys they're fighting a losing battle here. We're way too small to let anything go unnoticed for any usable amount of time.
Re: Reporting NON-spam
Posted: Sun Feb 13, 2011 1:18 pm
by CheeseRedux
***
CheeseRedux wrote:We're way too small to let anything go unnoticed for any usable amount of time
And just to prove myself wrong, I did some digging...:
chomperman -
https://bb.oolite.space/memberlist.php?m ... file&u=127 - Joined: Thu Nov 11, 2004 4:55 am
Admittedly, if this is a bot, it's
very well done. But a website with "nutrition" in the name?
pokatinzy1 -
https://bb.oolite.space/memberlist.php?m ... ile&u=1236 - Joined: Mon Nov 20, 2006 12:48 pm
You need a Russian to fix your apartment? This is your guy.
AJGreen -
https://bb.oolite.space/memberlist.php?m ... ile&u=2641 - Joined: Sat Sep 19, 2009 4:42 pm
This might be a genuine fellow, but link in sig is to his internet marketing blog, and website is peddling proxy services.*
*What is our policy on links to moneymaking businesses, anyway? I seem to remember it being frowned upon, but do we have a hard and fast rule?
Re: Reporting spam
Posted: Sun Feb 13, 2011 1:48 pm
by Thargoid
Apparently in phpBB3.0.3 and onward the first post approval is built-in:
Administration Control Panel > General >>Board Configuration> Post Settings > Enable queued posts:set this to 1 (or however many you wish).
I thought on our board (the one I mod, not this one) it was added as a hack, but I cannot find such a hack on the normal website used for such things (phpbbhacks oddly enough). But if it's built-in then that woudl make sense I guess.
It's also linked into the users & groups > groups' forum permissions > advanced permissions > misc tab too for later versions I think if you want fora where posting without approval is allowed.
Re: Reporting spam
Posted: Sun Feb 13, 2011 1:59 pm
by JensAyton
Thargoid wrote:Administration Control Panel > General >>Board Configuration> Post Settings > Enable queued posts:set this to 1 (or however many you wish).
No, this is not built in.
Re: Reporting spam
Posted: Sun Feb 13, 2011 2:03 pm
by Thargoid
Fairy snuff.
It should be in there as it's part of phpBB (and we're up to date there from what I can see plus would expect given when the update was done), but whether it's active or not is another question entirely of course (the second part of my above post may be set, so that approval is not required for any forum for example).
This of course presumes that the update was a complete one from phpBB2 (which didn't have the feature).
Re: Reporting spam
Posted: Mon Feb 14, 2011 12:50 am
by TGHC
*
Found one...I think....if anyone can read cyrillic, there are too many URL links!
https://bb.oolite.space/viewtopic.ph ... 51#p129551
Re: Reporting spam
Posted: Mon Feb 14, 2011 4:11 am
by CheeseRedux
* * * * *
Kendrick.Q.Bart -
https://bb.oolite.space/memberlist.php?m ... ile&u=4751
Splendid effort. The name, the cute dwarven avatar. Too bad about the ForEx links, though. They kinda gave away the game.
Addendum: A bit more archeology:
rib -
https://bb.oolite.space/memberlist.php?m ... ile&u=2007 - Joined: Mon Jan 28, 2008 9:31 am - Last visited: Tue Jan 29, 2008 11:06 pm
A perfectly innocent account, I believe, except for the link to his technical architecture firm. (Again, what is the formal stance on these things?)
gongoozler -
https://bb.oolite.space/memberlist.php?m ... ile&u=1217 - Joined: Fri Nov 17, 2006 8:49 pm - Last visited: Tue Nov 28, 2006 7:30 pm
Same as above. This time it's design/photography.
Wakeless -
https://bb.oolite.space/memberlist.php?m ... file&u=280 - Joined: Tue Aug 23, 2005 1:19 pm - Last visited: Tue Aug 23, 2005 2:57 pm
No clue what kind of business that website is, as you need a code to get in. Maybe a PM would get me one?
Austin -
https://bb.oolite.space/memberlist.php?m ... ile&u=2936 - Joined: Mon Mar 08, 2010 11:40 pm - Last visited: Mon Mar 08, 2010 11:41 pm
Probably innocent enough. Site is down, so I couldn't check it.
Edit:
Gandr -
https://bb.oolite.space/memberlist.php?m ... file&u=398 - Joined: Tue Jan 17, 2006 11:53 pm - Last visited: Fri Jan 20, 2006 6:59 pm
This is most likely the same fellow as gongoozler above. Profiles close enough to identical not to matter.
Re: Reporting spam
Posted: Mon Feb 14, 2011 7:52 am
by JensAyton
CheeseRedux wrote:A perfectly innocent account, I believe, except for the link to his technical architecture firm. (Again, what is the formal stance on these things?)
Formal? Meh. If it’s an account that hasn’t been active at any time, it’s clearly referral farming. For actually active members, it’s a case-by-case thing.