limetech Posted December 14, 2010 Share Posted December 14, 2010 The spammers have figured out how to post to the forum without having a login account - or else maybe they are creating account, posting spam, then deleting account. Anyway I need to update the SMF software to the latest version, so forum will be down tonight, 14 Dec at approx. 11:30PM MDT. Hopefully this won't take very long. Link to comment
prostuff1 Posted December 14, 2010 Share Posted December 14, 2010 Thank god!! I have been reporting any that comes along and that I find. I think what they are doing is creating an account and then closing there account, as they show up as a Guest after the post has been made. Link to comment
WeeboTech Posted December 14, 2010 Share Posted December 14, 2010 I'm sure many of us are "reporting to moderator", so in effect tom is being "re-spammed" by us. LOL!!!! Sorry Tom! Link to comment
limetech Posted December 14, 2010 Author Share Posted December 14, 2010 Found something interesting with this particular spam - even if you are not logged into the forum, the "Modify" and "Remove" buttons appear for these postings. If you notice this the case then feel free to delete those suckers. Link to comment
bubbaQ Posted December 15, 2010 Share Posted December 15, 2010 Odd... if you *are* logged in, those buttons are absent. Link to comment
limetech Posted December 15, 2010 Author Share Posted December 15, 2010 Updated to SMF version 1.12. Please post any problems you see in this thread... or email me: [email protected] Link to comment
kizer Posted December 15, 2010 Share Posted December 15, 2010 I run this same software on my site. You think you have problems you should try running some other flavors. It gets really bad. Link to comment
limetech Posted December 15, 2010 Author Share Posted December 15, 2010 I run this same software on my site. You think you have problems you should try running some other flavors. It gets really bad. Have you used any of the anti-spam mods? http://custom.simplemachines.org/mods/index.php?action=search;type=19 Link to comment
kizer Posted December 15, 2010 Share Posted December 15, 2010 Yes I use this one in particular. http://custom.simplemachines.org/mods/index.php?mod=1547 It more or less checks anybody that is going to register against a known spam list and if they match it dis allows them to register. What I did after install is I disabled the nickname check since well some guy with the name of Tom could of been labeled a spammer, but the odds of his nick not being the same guy with a known spammer ip or known spammer email address. This is on my 7year old forum. Of course I haven't been using it ever since, but when I converted from phpBB to SMF I ran the above against it and well it found tons of spammers and removed them. 8879 Spammers blocked up until today This is what it looks like in the admin panel. As well it shows you right when you login if there is anybody that might be a false positive and allows you to pass them. Normally its always a reported email and ip address in the database that matches. I just simply hit the deny and it deletes their attempt to register. I've yet had one person email me or use the contact form and say they tried to register, but could not. Enable/Disable MOD Stop Spammer X If MOD Stop Spammer is enabled, every time we check a member: Check their username Check their email X Check their IP X By default, every time you check a member with MOD Stop Spammer it will check their username, email and IP. If you are getting too many false positives because of their usernames you can turn that option off. We wouldn't recomend you to turn off the another 2 options (to check their email and IP) unless you know what you are doing. Oh yeah I forgot if you do install this you will find the settings for it under Registration > Settings. I'm running 2.0, but I'm guessing the settings are the same for 1.1.12 Link to comment
bubbaQ Posted December 15, 2010 Share Posted December 15, 2010 I've been using this one: http://custom.simplemachines.org/mods/index.php?mod=1519 with good success. Link to comment
kizer Posted December 15, 2010 Share Posted December 15, 2010 Interesting. They both use the same database and they both appear to be originally written within a month from each other. I wonder who copied who. LOL Link to comment
Spectrum Posted December 16, 2010 Share Posted December 16, 2010 Yeah too bad. I keep waiting for this thread to get spammed Link to comment
limetech Posted December 16, 2010 Author Share Posted December 16, 2010 Added "Stop Spammer" MOD about an hour ago and has already stopped a couple spammers. In addition, notice is hereby given, any member who has 0 posts and has not visited the forum since 2010-01-01, may be deleted at any time. Link to comment
Ken R. Posted December 16, 2010 Share Posted December 16, 2010 I see it didn't work - posting as guest means you have a big hole somewhere. I run a ubb board, spam has not been a problem but we did get hacked once and the whole board was replaced. They left all kinds of back doors - I basically had to start over from scratch, export the databases and re import them cleaned. A real PIA. Link to comment
limetech Posted December 16, 2010 Author Share Posted December 16, 2010 I see it didn't work - posting as guest means you have a big hole somewhere. I run a ubb board, spam has not been a problem but we did get hacked once and the whole board was replaced. They left all kinds of back doors - I basically had to start over from scratch, export the databases and re import them cleaned. A real PIA. You're not kidding: A real PIA. When you say hacked, do you mean just your forum or the entire site - that is do you think a vulnerability was exploited in the forum software itself, or do you think your host account got hacked and files were changed/replaced that way? If the former, then is it sufficient to delete all the forum source files and re-install? Link to comment
Joe L. Posted December 16, 2010 Share Posted December 16, 2010 Added "Stop Spammer" MOD about an hour ago and has already stopped a couple spammers. In addition, notice is hereby given, any member who has 0 posts and has not visited the forum since 2010-01-01, may be deleted at any time. Can you consider something similar for the wiki? Seems like hundreds of spam users are being created. Link to comment
prostuff1 Posted December 16, 2010 Share Posted December 16, 2010 I am not sure if something else is going on, but I was just trying to send out a couple PM's and I got messages about the inbox's being full. Now it may be that they are full, but I had a huge backlog of PM's and was not full, so it is highly unlike that these accounts where. Link to comment
limetech Posted December 16, 2010 Author Share Posted December 16, 2010 I am not sure if something else is going on, but I was just trying to send out a couple PM's and I got messages about the inbox's being full. Now it may be that they are full, but I had a huge backlog of PM's and was not full, so it is highly unlike that these accounts where. I changed some of the membergroups and permissions. I got rid of "Jr. Member" and changed to "Member", and you get that status after 5 posts. With 0..4 posts is "Newbie" with restrictions: limit 5 PM's (maybe this applies to inbox as well?), can't edit 'additional' profile settings, i.e., signature, a few others. Wish you were able to prevent embedded links but doesn't seem to have this ability. Link to comment
prostuff1 Posted December 16, 2010 Share Posted December 16, 2010 I am not sure if something else is going on, but I was just trying to send out a couple PM's and I got messages about the inbox's being full. Now it may be that they are full, but I had a huge backlog of PM's and was not full, so it is highly unlike that these accounts where. I changed some of the membergroups and permissions. I got rid of "Jr. Member" and changed to "Member", and you get that status after 5 posts. With 0..4 posts is "Newbie" with restrictions: limit 5 PM's (maybe this applies to inbox as well?), can't edit 'additional' profile settings, i.e., signature, a few others. Wish you were able to prevent embedded links but doesn't seem to have this ability. OK, I have been sending PM's to 2 different members that have 3 and 1 post. With the change it seems that I can't get a hold of them anymore, as they probably don't realize the "issue." I should be able to figure something out, but if you could "turn it back" until midnight tonight that would be great!! Link to comment
limetech Posted December 16, 2010 Author Share Posted December 16, 2010 I am not sure if something else is going on, but I was just trying to send out a couple PM's and I got messages about the inbox's being full. Now it may be that they are full, but I had a huge backlog of PM's and was not full, so it is highly unlike that these accounts where. I changed some of the membergroups and permissions. I got rid of "Jr. Member" and changed to "Member", and you get that status after 5 posts. With 0..4 posts is "Newbie" with restrictions: limit 5 PM's (maybe this applies to inbox as well?), can't edit 'additional' profile settings, i.e., signature, a few others. Wish you were able to prevent embedded links but doesn't seem to have this ability. OK, I have been sending PM's to 2 different members that have 3 and 1 post. With the change it seems that I can't get a hold of them anymore, as they probably don't realize the "issue." I should be able to figure something out, but if you could "turn it back" until midnight tonight that would be great!! I changed back to "unlimited". Link to comment
prostuff1 Posted December 16, 2010 Share Posted December 16, 2010 I changed back to "unlimited". Thanks!! Your welcome to change it back at midnight if you like. I will let the members I have been talking to start emailing me there questions. Link to comment
limetech Posted December 16, 2010 Author Share Posted December 16, 2010 I changed back to "unlimited". Thanks!! Your welcome to change it back at midnight if you like. I will let the members I have been talking to start emailing me there questions. Ok. I've noticed that 'Max PM's for all membergroups is set to 'unlimited' - I can see how this might be abused, so what do you think are reasonable limits? Maybe 100? Link to comment
kizer Posted December 16, 2010 Share Posted December 16, 2010 Im sure you already have it set, but make sure you have guests are "not" allowed to post. As well that software only catches known spammers. If you have people that are joining, spamming and then leaving check their ips and send them to the stopforumspam.com So they can't come back and continue to haunt you or others. Link to comment
kizer Posted December 16, 2010 Share Posted December 16, 2010 I changed back to "unlimited". Thanks!! Your welcome to change it back at midnight if you like. I will let the members I have been talking to start emailing me there questions. Ok. I've noticed that 'Max PM's for all membergroups is set to 'unlimited' - I can see how this might be abused, so what do you think are reasonable limits? Maybe 100? I have mine set to 50. I figure unless your a moderator or somebody that gives a lot of tech support via messages there is no reason to need unlimted. You could always setup member groups based on posts and give those that post a lot more messages since its very obvious they post a lot and more than likely need the extra space. Those with hardly any posts often would not need as much. Link to comment
Recommended Posts
Archived
This topic is now archived and is closed to further replies.