Sorry about the late reaction. I'll fix the problem right away.
-- Stop reading here, unless you care about the technical details. --
green wrote: Yup, an unsolvable (by machine) captcha would solve most bot problems.
There is no such thing as an unsolvable captcha. Most common captchas like the default phpBB captcha and reCAPTCHA have been broken. Bots these days are quite advanced. According to a 2005 study by Microsoft Research, computers are actually better than humans at solving most captchas.
The bigger problem with captchas, though, is that everybody has to enter them, which is inconvenient. We have a policy to try not to inconvenience our users if possible.
Some background on spam at Milovana: We used to have a captcha for a few months until - despite the captcha - we started getting a ton of spam. What we did was implement a blacklist that blocks IPs of people who have been reported to be spammers by other forums. This was and is working extremely well and is completely invisible to legitimate users. We are currently blocking about 50 spammer registrations per day using this method and so far we have had only one legitimate user who complained about being blocked. (In the block message we provide an email address for users to contact, so we'd expect at least one in ten legitimate users to do that.)
The spam from the last couple of days was initiated by the bagle-cb spambot. It's a distributed botnet using regular users' PCs to initiate automated spam attacks. Logically these IPs are clean at the time the PC first becomes infected. I'm now going to start testing a few ideas on how to catch this special case. Since they are usually blacklisted within about an hour of becoming active, it should be enough to just recheck a user's IP against the blacklists again about an hour after they register.
In case you're curious about how these blacklists manage to be so efficient: They are mostly fed by honeytraps, which are dummy websites where no real people sign up, but when a spambot finds one, well, it'll sign up, giving away the fact that it's a spambot. So in a sense, the bots' downfall isn't that they aren't efficient enough, but that they are too efficient.
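The delayed recheck described in the post above, as an added example that is not part of the original post or Milovana's code. It assumes a hypothetical `is_listed(ip, at)` lookup standing in for the shared blacklist query; the class, user names, IPs and timestamps are constructed, and quarantining the account is one possible response.

```python
from dataclasses import dataclass, field
from datetime import datetime, timedelta
from typing import Callable

RECHECK_DELAY = timedelta(hours=1)  # "about an hour" after registration

@dataclass
class Registrations:
    # Hypothetical stand-in for the shared blacklist query: (ip, time) -> bool
    is_listed: Callable[[str, datetime], bool]
    pending: list = field(default_factory=list)   # (due_time, user, ip)
    active: set = field(default_factory=set)
    quarantined: set = field(default_factory=set)

    def register(self, user, ip, now):
        """Registration-time check: refuse IPs that are already listed."""
        if self.is_listed(ip, now):
            return False
        self.active.add(user)
        self.pending.append((now + RECHECK_DELAY, user, ip))
        return True

    def run_rechecks(self, now):
        """Recheck accounts whose delay has elapsed; return newly flagged users."""
        due = [p for p in self.pending if p[0] <= now]
        self.pending = [p for p in self.pending if p[0] > now]
        flagged = [user for _, user, ip in due if self.is_listed(ip, now)]
        self.active.difference_update(flagged)
        self.quarantined.update(flagged)
        return flagged

# Constructed sample data: IP -> moment it first appears on the blacklist
T0 = datetime(2024, 1, 1, 12, 0)
LISTED_SINCE = {
    "203.0.113.7": T0 - timedelta(days=2),         # already-reported spammer
    "198.51.100.23": T0 + timedelta(minutes=40),   # freshly infected PC, clean at T0
}

def sample_lookup(ip, at):
    since = LISTED_SINCE.get(ip)
    return since is not None and since <= at

def demo():
    reg = Registrations(sample_lookup)
    results = [reg.register("old_bot", "203.0.113.7", T0),
               reg.register("new_bot", "198.51.100.23", T0),
               reg.register("human", "192.0.2.50", T0)]
    early = reg.run_rechecks(T0 + timedelta(minutes=30))  # nothing due yet
    late = reg.run_rechecks(T0 + timedelta(minutes=61))   # catches the late listing
    return results, early, late, sorted(reg.active)
```
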
