1234

Damn spam bots (Read 1841 times)

    Eric, you take such good care of this board and keeping the idiotbots out as much as you can. 

    We all really appreciate it! Smile

    "Don't feel like running today...suck it up and run ...you're an athlete." (John Stanton, founder & owner of The Running Room)

     

    "The person who starts the race is not the same person who finishes the race."

        If you have ideas on how to deter bots, please let me know.

       

       

       

      Ask them Paul Ryan's marathon PR. Wink

        As a follow up, a few days after I made the initial post, the number of attempts to create accounts by these bots went as high as about 7,300 a day.  That's about 4 to 5 attempts every minute.  It gradually came back down to about 100 a day yesterday.  Still not sure why the spammers need this many accounts.

         

        On a similar note, they're sending spams using RA as the sender.  This is nothing new.  They've been doing that for years and I can't stop them from sending them.  I did set up SPF to specify legitimate RA emails should come from designated email servers.  All emails not from these email servers should be rejected.  Sadly, not all recipient mail servers take advantage of this information and blindly accept the spams.  RA is also on the receiving end of these spams.  My catch all account is filled with emails to sell me little blue pills.

         

        The interesting thing is that in both cases where RA is the recipient and supposed sender, the email addresses consist of random hexadecimal values:

        2fb8936@runninga...

        33b7b3e@runninga...

        9bbfc562@runninga...

         

        I think it was a bug since not too many people, if any, would have such addresses.  Indeed, in the last couple of days, I'm seeing the emails change from hexadecimal to random letters:

        VOwJAxgYcd@runninga...

        zAkrXcKsKk@runninga...

         

        I'm guessing their tactic is to generate so many random email addresses that some of them will be valid.  I suspect this is possible only through botnets since only they have the computing power and bandwidth to pull it off.  Is anyone surprised that 75% of all emails are spams?

          I'm a moderator on a busy forum, and we face the same challenges with spammers.  The site has several tech guys to work on the problem, but it's an uphill battle.  We see the same type of random email addresses as you mentioned.  We are getting a ton of ads for live streaming of football games.  Last weekend, I spent a lot of time deleting the posts.  We had one spammer who sent many private messages to people, so we had to deal with a lot of reports from annoyed members.

          jimmyb



             

            One obvious solution is to force the user to verify his/her email address before creating the account.  I don't like this idea because I don't want the potential new user to wait for the email before he/she can use RA.  If you have ideas on how to deter bots, please let me know.

             

             

            eric Smile

             

            Almost everything I've signed up for has had the email verification. If I would have had to do it when signing up for RA, it wouldn't have bothered me or deterred me. I suggest you go for it---it's so common it's almost expected. It's no mystery what RA offers, and anyone signing up probably really wants to.

             

            Keep up the good work, Eric.Cool Thanks for everything.

            Log    PRs

              How do I report a spam entry on the forum?

               

              This morning, somebody posted a SPAM entry on a number of threads (@ 6:36am CST), and I don't know who to report it to, or the best way to report it.

              (It's obvious who did the SPAM since there were about 10+ entries, but also want this post to capture the "here's what to do" for any posts in the future)

               

              Many thanks,

              Brian

              2014 Goals:

              #1: Do what I can do. <DOING>

              #2: 365 Hours training <NOPE, INJURED>

               

              Ojo


                There is also spam in the Holiday Running Streak thread that was posted at 7:33 am.

                 

                Sad

                Sara

                MM #2929

                  Well, they ARE offering an Ed Hardy bikini for $18.

                  HF #8206

                   


                  rebuilding r2th v2.0

                    I'm a moderator on a busy forum.....  Last weekend, I spent a lot of time deleting the posts.

                     

                    One thing for sure. You don't work at RWOL.

                      Hi guys,

                      If you spot a spam, just drop me a PM or email (via the feedback link) and I'll take care of it.  It may take a couple of hours if it's in the middle of the night.  The forum admins will also censor the posts as well.  I think we have enough admins spread out geographically that we're covered 24 hours a day.

                       

                      As for this latest spammer, he/she is from China, from the same subnet in China as the previous one.  Is it possible that the spammers outsourced their work to China too?  Originally, I thought I shouldn't block the whole subnet (59.58.0.0) because I might be locking out legitimate users.  I did a search and found a total of 8 accounts from that subnet and they all look suspicious.  I also ran another query to see if any of these accounts created spam and sure enough, a few more spam posts came up so I just blocked the subnet.

                       

                      I also looked at the pattern of the latest spams.  They looked like they're manually entered, unless the spam software is so sophisticated that it emulates human data entry.  There's nothing I can do to stop humans from posting without making it totally inconvenient for everyone else.  For now, we can only censor the spam as they come up.

                       

                      eric Smile

                        Just a thought.

                         

                        Would it be possible to block the user if the current content is the same as the last 5 posts in different threads?

                        5k - 20:56 (09/12), 7k - 28:40 (11/12), 10k trial - 43:08  (03/13), 42:05 (05/13), FM - 3:09:28 (05/13), HM - 1:28:20 (05/14), Failed 10K trial - 6:10/mi for 4mi (08/14), FM - 3:03 (09/14)


                        I'm back!

                          Good thought.

                            Just a thought.

                             

                            Would it be possible to block the user if the current content is the same as the last 5 posts in different threads?

                             

                            That's a good idea!  The only problem might be it can be very resource intensive.  I'll have to think more about this, but I like it!


                            Lazy idiot

                              Just a thought.

                               

                              Would it be possible to block the user if the current content is the same as the last 5 posts in different threads?

                               

                              Trent would be blocked in a matter of days.  I think the answer is obvious.

                              Tick tock


                              I'm back!

                                That's a good idea!  The only problem might be it can be very resource intensive.  I'll have to think more about this, but I like it!

                                 

                                But you could run the analysis as a low-priority background task, right?
                                1234