First spammer spotted the forum

6 posts / 0 new
Last post
#1 6. November 2017 - 16:01
Sandro
Sandro's picture
Offline
Last seen: 4 years 8 months ago
Joined: 22.05.2015 - 18:08

First spammer spotted the forum

Hi,

less than one month after setting this forum up, the first spammer has spotted the forum.

Please "welcome" 'bangbangdanish' with an email address "…@pinsmigiterdisp.xyz", who contributed five exciting threads:

  • 06.11.2017 - 12:40 - "Zebeta | Order Pure Dog Discount"
  • 06.11.2017 - 12:40 - "Trileptal | Cod In New York"
  • 06.11.2017 - 12:40 - "Amoxicillin | Online Order"
  • 06.11.2017 - 12:40 - "Aspirin | Order Online"
  • 06.11.2017 - 12:40 - "Albendazole | Without Prescription Fast Shipping"

Five topics started within a minute, not bad…

Trying not to leave the spam ordures behind too boring, he tried to enrich the posts with some nasty Javascript:

  • newcentur***a.**m/scripts/drupal_rx.php?p=albendazole
  • newcentur***a.**m/scripts/drupal_rx.php?p=aspirin
  • newcentur***a.**m/scripts/drupal_rx.php?p=amoxicillin
  • newcentur***a.**m/scripts/drupal_rx.php?p=trileptal
  • newcentur***a.**m/scripts/drupal_rx.php?p=zebeta

Sorry, mate, this is automatically filtered.

What's quite interesting: 'bangbangdanish' joined the site 9 months 2 weeks ago, without managing to foist comment spam or anything else. So he is from a spammer sleeper cell.

Now, RIP, 'bangbangdanish', you will be never forgotten as the first spammer who haunted this forum.

Additional spam prevention measures have been activated. Let's see when the next one slips through…

Sandro

6. November 2017 - 16:18
FlashGordoll
FlashGordoll's picture
Offline
Last seen: 6 years 4 months ago
Joined: 18.10.2017 - 11:56

Re: First spammer spotted the forum

Good job you've got your anti - spam pants on Sandro!

6. November 2017 - 18:37
Ray Rentell
Ray Rentell's picture
Offline
Last seen: 5 years 2 months ago
Joined: 03.10.2017 - 11:34

Re: First spammer spotted the forum

Well done anti spam Sandro.
Out of interest what would the java script do , do not know much about that sort of thing.

6. November 2017 - 22:07 (Reply to #3)
Sandro
Sandro's picture
Offline
Last seen: 4 years 8 months ago
Joined: 22.05.2015 - 18:08

Re: First spammer spotted the forum

[…] what would the java script do […]

I have not looked at it. But with absolute certainty these things are worthless at best (e.g. tracking views). If external scripts are executed on a forum or comment server, kittens might die. That's why we simply do not parse the "script" tag. The paradigm towards trying to advertise for stuff like "Albendazole" is simple: "Shoot first, don't ask questions later".

I am a 'bit' hostile towards comment spammers as these parasites actualy do harm - they waste server ressources, about 60% estimated. With hosting costs of ~€230 p.m., those $§%&$& kill quite a sum of money.

Sandro

21. November 2017 - 14:53
ds112117
Offline
Last seen: 6 years 4 months ago
Joined: 21.11.2017 - 14:43

Re: First spammer spotted the forum

No problem keeping the spammers out. But 230 euros per month sounds VERY high to me. I suggest you look into Rackspace as a lower cost alternative web host. (BTW I am the doll owner previously known as tdf091106 and odc061210. Flashgordoll and Ray have known me for .... years(?) )

21. November 2017 - 15:34 (Reply to #5)
Sandro
Sandro's picture
Offline
Last seen: 4 years 8 months ago
Joined: 22.05.2015 - 18:08

Re: First spammer spotted the forum

No problem keeping the spammers out.

The challenge is to keep spammers and especially bots (harvesters and the like) out before they can cause damage (before anything is bootstrapped). Ideally, this happens on the network infrastructure, or at IP level, or at the very latest when they hit Varnish. That is not trivial as the only good blacklist (www.cleantalk.org) does neither interface with the network infrastructure nor iptables.

I am open to any suggestions…

Sandro