Jump to content

LAVA Spam and Upgrades


hooovahh

Recommended Posts

Posted

Your reporting of spam is helpful. And just like you are doing one report per user is enough since I ban the user and all their posts are deleted.  If spam gets too frequent I notify Michael and he tweaks dials behind the scene to try to help.  This might be by looking at and temporarily banning new accounts from IP blocks, countries, or banning key words in posts.  He also will upgrade the forum's platform tools occasionally and it gets better at detecting and rejecting spam.

  • Thanks 2
Posted (edited)

I find it interesting that spam really wasn't an issue until the forums were upgraded. :frusty:

I run old software on my website and I've noticed a reduction in spam attempts as time goes on and the scanners update to newer exploits. I was getting spam through the on-site contact form as they were bypassing the CAPTCHA. It's prevented with a simple .htaccess RewriteCond but when I recently upgraded the website OS I turned it off. It took a month for a scanner to find it and start spamming and it only sent every hour. A few years ago it took something like 30 minutes and they sent every 5 minutes.

By far the most effective methods to stop spam are

  1. Checking for reverse DNS resolution.
  2. Checking against known blacklists (like spamhaus.org).
  3. Offering honeypot files or directories (spider traps).  

#2 tends to have a low false positive rate but [IMHO] even 1 false positive is unacceptable for mail - although might be acceptable for a forum. 

I also wrote a spam plugin for my CMS which basically did the above first 2 things and a couple of other things like checking against a list of common disposable email addresses, checking user agents and so on. The way those things work is they tend to ban the IP address for an amount of time but I didn't want to ban someone that was trying to send an message through the site maybe because an email had bounced ; so I turned it off.

Edited by ShaunR

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Unfortunately, your content contains terms that we do not allow. Please edit your content to remove the highlighted words below.
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use.