Spamming Forums

[TriumphTalk]

Hi all. I currently run a forum for Triumph motorbikes. It has been up and running for quite some time now. Unfortunately the spammers have no discovered the domain name and I am now being bombed with spammers registering and trying to post there important information on my site. I have however changed my configuration so the register members do not see this spam when it is posted. So I do have it under control but man it is irritating the life out of me.

So is there anyway to report these idiots to this site or any other way. Obviously I have information as below

209.160.64.38 Banned 0 andrewkosinov[at]1net.gr Edit Details Change Name Suspend Account

The mail I receive when a new member registers

Hello,

You have received this email because a new user has registered!

andrewkosik completed their registration on Jan 10 2007, 05:05 PM using andrewkosinov[at]1net.gr as their email address.

You can turn off user notification in the Admin Control Panel

Have a super day!

Regards,

[turetzsr]

Hi!

<snip>

So is there anyway to report these idiots to this site or any other way.

<snip>

...You can not use SpamCop to report these in the same way you can use it to report e-mail spam that is directed to you. However, if you are a registered SpamCop reporter, you can paste the offender's IP address into the web form at http://www.spamcop.net/ (after you log in) and see to what abuse address(es) SpamCop would report (on your behalf) spam, then generate your own reports to that/those abuse address(es). For example:

SpamCop v #612 Copyright © 1998-2006, IronPort Systems, Inc. All rights reserved.

Parsing input: 209.160.64.38

host 209.160.64.38 (getting name) = 209.160.64.38.svservers.com.

host 209.160.64.38 = 209.160.64.38.svservers.com (cached)

Routing details for 209.160.64.38

[refresh/show] Cached whois for 209.160.64.38 : abuse[at]hopone.net

Using abuse net on abuse[at]hopone.net

abuse net hopone.net = abuse[at]hopone.net

Using best contacts abuse[at]hopone.net

Statistics:

209.160.64.38 not listed in bl.spamcop.net

More Information..

209.160.64.38 not listed in dnsbl.njabl.org

209.160.64.38 not listed in dnsbl.njabl.org

209.160.64.38 not listed in cbl.abuseat.org

209.160.64.38 not listed in dnsbl.sorbs.net

209.160.64.38 not listed in relays.ordb.org.

Reporting addresses:

abuse[at]hopone.net

[StevenUnderwood]

Hi all. I currently run a forum for Triumph motorbikes. It has been up and running for quite some time now. Unfortunately the spammers have no discovered the domain name and I am now being bombed with spammers registering and trying to post there important information on my site. I have however changed my configuration so the register members do not see this spam when it is posted. So I do have it under control but man it is irritating the life out of me.

So is there anyway to report these idiots to this site or any other way. Obviously I have information as below

You have come to the right place. Steve T's response covers the spamcop side of things. The admin of these forums (Wazoo) is constantly fighting the same war here and will likely have some great additional hints for your forum. Just keep him from talking about his motorcycle experiences or you will never get anywhere

[jongrose]

What bulletin board software are you running? I am a mod on a large board and we have problems with spammers daily. If you can tell me which system you are running I can make some suggestions on how to deal with these spammers and how to help prevent them from posting on your system and reporting them to their ISP (although that usually doesn't help). If you don't want to post the name of your site publicly, feel free to PM me.

[Wazoo]

What bulletin board software are you running?

From what I see ..... Powered by Invision Power Board v1.3 Final

Hosted for free by InvisionFree ... a 'free' ancient version of this application ..... only 'technical' support is from other folks that do their own hacking, and even that would be based on whether the host allowed access to the software .. most don't .... most talk i see about Invisionfree is their 'charge' to get a copy of 'your' database from those folks that bought a locense for the real/current IPB software and wanted to change hosts ....

[TriumphTalk]

From what I see ..... Powered by Invision Power Board v1.3 Final

Hosted for free by InvisionFree ... a 'free' ancient version of this application ..... only 'technical' support is from other folks that do their own hacking, and even that would be based on whether the host allowed access to the software .. most don't .... most talk i see about Invisionfree is their 'charge' to get a copy of 'your' database from those folks that bought a locense for the real/current IPB software and wanted to change hosts ....

Yes this is correct and I am happy with the software and what I can do with it and the support from them. I have the situation under control as I have it setup so when I new member registers they see only one area that the normal members does not. They then need to post an introduction into this area and I will upgrade them from there. However it does not stop these idiots from trying there luck as well. So I was hoping that we could also report these idiots some how

Here is the latest spammer

MikeMorganos 202.1.54.31 Banned 1 kazap[at]remspyes.info

Hi, All.

First letter in this year was from my i-Net provider...

Was detected spam activity from my PC. Bandwidth usage about 1Gb..

Here (http://remspyes.info) found free pc scan tool - more than 30 spyware\adware items found...

Be careful and happy new year...

[turetzsr]

<snip>

So I was hoping that we could also report these idiots some how

<snip>

...Absolutely! But you'll have to report them manually. You can use SpamCop to find the abuse address(es) to whom to report, as I indicated above (53155[/snapback]).

[Wazoo]

as I have it setup so when I new member registers they see only one area that the normal members does not. They then need to post an introduction into this area and I will upgrade them from there.

A definite PITA for sure.

However it does not stop these idiots from trying there luck as well. So I was hoping that we could also report these idiots some how

My complaints include server logs that show just what that user was up to. Direct access to this server makes that pretty easy. Managing other sites on other hosts, this is problematic. May or may not have access to some logs, that access may or may not be accessible (for extraction) for some specific data ... but typically this is a lot of work. Results range from basically being ignored to an interesting CC: of an e-mail advising the user that he/she had 12 hours to remove the infection or the 'local block' would turn into a 'full disconnectin with cleanup fees' ....

[TriumphTalk]

...Absolutely! But you'll have to report them manually. You can use SpamCop to find the abuse address(es) to whom to report, as I indicated above (53155[/snapback]).

Ok so what information do they need me to post. Would I need to post the message that the spammer posted along with his e-mail address and IP. The e-mail address is valid as I also have e-mail verification active so without a valid e-mail they cannot get in at all.

Now what I would like to do is submit there valid e-mail to some bulk spamming list so they get spammed back to death http://209.85.62.26/5665/48/emo/16cfdfbf.gif

Moderator Edit: changed the off-site link .. bandwidth issue

[turetzsr]

Ok so what information do they need me to post. Would I need to post the message that the spammer posted along with his e-mail address and IP. The e-mail address is valid as I also have e-mail verification active so without a valid e-mail they cannot get in at all.

...Sounds good to me but best to ask them. Wazoo has provided other guidance, above. 53210[/snapback]

Now what I would like to do is submit there valid e-mail to some bulk spamming list so they get spammed back to death http://209.85.62.26/5665/48/emo/16cfdfbf.gif

...As you no doubt realize (since you did put that clever smiley there), that would lower you to their level and also clutter up the internet even more then the low-life spammers (redundancy intentional) already do!

[TriumphTalk]

..As you no doubt realize (since you did put that clever smiley there), that would lower you to their level and also clutter up the internet even more then the low-life spammers (redundancy intentional) already do!

Yip that I did indeed realize and you are right that was what the smiley was for and besides that the type of person you are dealing with here it probably would not make much impact on them anyway

[TriumphTalk]

One other thing, how do these spammers get paid? Is it per post or per click as I have the message quoted below in that area? I see them reading the post and then they go off and post there spam. I then delete the message as they are busy reading there post and they post again until I ban them.

[agsteele]

One other thing, how do these spammers get paid? Is it per post or per click as I have the message quoted below in that area? I see them reading the post and then they go off and post there spam. I then delete the message as they are busy reading there post and they post again until I ban them.

I think you are attributing too much to these spammers. Much of what is done is automated so chances are they never see your reply to them. The more time you devote to their junk, the more they win in as much as they are then wasting your time.

Andrew

[GraemeL]

You might find this video from a ratware vendor useful to show what sort of resources that you're actually up against in trying to protect your forums from spammers. Not pretty.

[showker]

I launched the "Design CAFE" and "Photoshop 911" forums around January 5th, and instantly had several spambots hitting the forums every day. We EVEN have a Captcha. However, spambots have become sophisticated enough to decipher captchas.

Depending on WHICH forum software you use (we use vBulletin) there are several Open Soucrce plug-ins that have taken a different tact with separating the genuine humans from the low-life, sleeze-ball spammer spambots.

The one we got asks a simple question. It requires thought on the part of the applicant.

* "What is the last word in the previous paragraph?"

* "What color are UPS delivery trucks?"

Then in the code, you provide a selection of possible answers; caps, etc.

You can also modify it to instruct the user what to type in. The bots can't

figure this out -- like their owners, they are too stupid.

So far (fingers crossed) it's been 100% effective.

Another will show a small, simple picture of an object and ask "What is in the picture?"

This has also been 100% effective.

Check the support forums for the software you are using and I'm sure you'll find

all sorts of possible solutions. Ours was listed in the http://www.vBulletin.com/

forum, and my server guru simply plugged it in and configured it.

Presto! Spammers GONE.

Of course, if the spammer IS human, then they can get in.

But then they are easy to delete and block via IP blocking.

Fred

http://www.DTG-forums.com/

[qjvgpuryy]

Ours was listed in the http:// www.vBulletins.com/ forum

I think you mean http://www.vBulletin.com/ (without the trailing 's').

A moderator may wish to change the link, in which case this post can be removed.

[turetzsr]

Ours was listed in the http:// www.vBulletins.com/ forum

I think you mean http://www.vBulletin.com/ (without the trailing 's').

A moderator may wish to change the link, in which case this post can be removed.

..Be happy to make the change, if Fred concurs. Please let me know, Fred, either by reply here or via PM!

[Farelf]

..Be happy to make the change, if Fred concurs. ...

vbulletins is clearly a parking space. Change made. Good catch David, your post stays for the record. 23 more and you get a set of steak knives and/or undying gratitude of the assembly.

[qjvgpuryy]

vbulletins is clearly a parking space. Change made. Good catch David,

Thanks.

your post stays for the record.

Uh, ok.

23 more and you get a set of steak knives and/or undying gratitude of the assembly.

I didn't think that 144 posts was one of the member classification level change numbers - are you sure?

I don't need any steak knives, so I'll take the 'undying gratitude of the assembly' please.

[Farelf]

I didn't think that 144 posts was one of the member classification level change numbers - are you sure?

I guess that makes it a gross lie? The Devil made me do it.