Posted:
Sun Feb 11, 2007 12:01 am
by abcde
Rather than playing whack-a-mole, I think the solution is to keep the bots from being able to post in the first place. Since the bots probably automatically register as well, that's the best bet in stopping them.
Does anybody know if it would be possible to tweak phpbb so that the "email" field is invisible, and it checks some new field with a different name for the person's email address instead? Then any users who filled out the invisible email field are obviously bots, and can be dealt with automatically. No IP bans, no innocent users punished.
Posted:
Sun Feb 11, 2007 4:17 pm
by K-MacK
invisible? Not really necessary. Just post a "don't use" over the E-mail field. Living eyes will register it, and not use it, while 'bots will ignore and post.
After asking around, I believe that there's a new wrinkle in this SPAM problem: the countries involved are poor countries. If you were to pay someone, say, one cent (U.S.) for each enabling entry, and pay them on a piecework basis, there are a lot of people who would gladly make the necessary entries for the SPAMmers.
Once the enabling entry was made, the 'bots would have a field day in the Forums.
Example: On another board, there is a person (or persons) using the name "Starwolf the mystic", and hitting every single field on the BB. That BB, by the way has had to resort to Kris' method of making every prospective member do a "prove you're human" posting before they are allowed onto the board.
Since the 'handle' is always in UPPERCASE LETTERS; I suspect that it's a group of Spammers practicing. The default to upper case means that they don't even have to be able to read or write English-they just follow a pattern they've been taught. There is a simple message included, always, just enough to grant them a non-'bot status.
And naturally, that BB is flooded with SPAM. It isn't even normal, healthy perverted SEX, it's for Credit cards (phishing) investments, insurace...that is just plain wrong! SPAM is for pervy sex, not the Fortune 500 companies.
I don't think this is going away anytime soon. Kris and other BB operators may have to start issuing Keys so that legit members can post.
Further, I've heard of a viral key that when you legitemately log in, takes that info and funnels it to a Spammer (it's a fake cookie). Then, said Spammer has your specific entryway into the Boards of your choosing, and if there's trouble, it's the member that gets it in the shorts, not the Spammer.
Oh, and if you keep yourself logged in all the time, it's a virtual open door to the BB, nowadays.
There will be fixes, and they'll work for a while, but like any disease--SPAM will evolve to overcome it.
For now, though, Kris- what you're doing will be about the best anyone can do. Too bad it takes so much time.
Edit: Apparently "Starwolf the Mystic" is someone...still, hitting just about every section of the BB is decidedly odd, and wierd to the Max. There were over sixty "hits" by this person in a twenty-four hour period.