Sciencemadness Discussion Board

Tired of reporting spam

 Pages:  1  ..  3    5    7

Swinfi2 - 29-5-2018 at 10:26

I really like Reboots idea of a sign up quiz. say like 5 easy questions.

eg:
Balance this equation CH4 + _O2 -> _CO2 + _H2O
Give the formula product of H2SO4 + NaCl -> NaHSO4 + __
What is a Kelvin: A) A material. B) A name. C) Unit of temperature. _
Give the Element symbol for any element that's a liquid at room temperature: __
what is the SI unit for energy: _

just long enough that a human who has to look this stuff up might think ffs i'll post quicker somewhere else.
a bot should obviously fail unless its given the answers, i guess make them show up in random order.

crystal grower - 29-5-2018 at 11:53

Thats a great idea.
I can also imagine giving a picture of for example destillation apparatus or erlenmeyer flask, crystal of CuSO4, bromine, etc. and asking to name that piece of apparatus or compound/element.

aga - 29-5-2018 at 13:59

I can imagine a really active Amateur Chemistry forum where just about Every post is full of photos and detailed information about
amazing Chemical experiments the member did that day.

So detailed that many other members could (presumably would) try to replicate it and have a bundle of fun, and discuss their findings.

'Signal-to-Noise'-wise, we're not really in that ballpark here, not today/month/year for sure.

Any barrier to Inclusion would further make SM an exclusive playground for the endless stream of non-chemists who like to type words into a computer, imagining they are living Real lives.

j_sum1 - 29-5-2018 at 14:41

Quote: Originally posted by aga  
I can imagine a really active Amateur Chemistry forum where just about Every post is full of photos and detailed information about
amazing Chemical experiments the member did that day.

So detailed that many other members could (presumably would) try to replicate it and have a bundle of fun, and discuss their findings.

'Signal-to-Noise'-wise, we're not really in that ballpark here, not today/month/year for sure.

Any barrier to Inclusion would further make SM an exclusive playground for the endless stream of non-chemists who like to type words into a computer, imagining they are living Real lives.

Amen! Do it aga!
Fix that signal to noise problem.

fusso - 29-5-2018 at 21:33

@Tsjerk
Ah shit I should've used the edit function earlier

RogueRose - 16-6-2018 at 14:56

it's been bad the last 3-4 days. Must have reported 40-50 postings.

Is there a way to show how many reports each member has made? That would be interesting to see!

SelfInflicted - 16-6-2018 at 15:48

Sorry if this has been suggested before.

There is a report button. What if a process could count the number or reports that has the word spam in the report and automagically move off the message.

Who has time to program that though.

Could be a list of trusted members and if that member reports the post it is off to the spam folder. Report "spammer" an then automatically temporary ban.

Just thoughts.

RogueRose - 16-6-2018 at 17:43

Quote: Originally posted by SelfInflicted  
Sorry if this has been suggested before.

There is a report button. What if a process could count the number or reports that has the word spam in the report and automagically move off the message.

Who has time to program that though.

Could be a list of trusted members and if that member reports the post it is off to the spam folder. Report "spammer" an then automatically temporary ban.

Just thoughts.


I found in my U2U outbox it lists all the reports of SPAM, so you can count them there.. I have about 700

Tsjerk - 16-6-2018 at 22:27

You guys do know you are requesting people to write code, test that code, and implement that code just so you can see how often someone else reported spam, or so other people can see how often you reported spam?

I guess mods and admins who are volunteering their time here have better things to do with their time.

MJ101 - 17-6-2018 at 04:52

Quote: Originally posted by Bot0nist  
I like what barley81 did in the last spam thread. After reporting it, he posted "Spam thread reported" in the thread. This way everyone who always reports every spam they see (like me) will know its handled, and it will keep us from flooding the moderators with report U2Us. So, If you see a spam thread and it doesn't have a "reported spam" post in it, report it and post that you did. I think this will help.


@Bot0nist: That's a great idea. I'll do that the next time I report a spam post.

j_sum1 - 17-6-2018 at 16:09

Quote: Originally posted by MJ101  
Quote: Originally posted by Bot0nist  
I like what barley81 did in the last spam thread. After reporting it, he posted "Spam thread reported" in the thread. This way everyone who always reports every spam they see (like me) will know its handled, and it will keep us from flooding the moderators with report U2Us. So, If you see a spam thread and it doesn't have a "reported spam" post in it, report it and post that you did. I think this will help.


@Bot0nist: That's a great idea. I'll do that the next time I report a spam post.

Actually, not as good an idea as you suppose.
The spam-deletion script only runs on threads with zero replies. If there is a reply then it must be deleted manually. Just report with the tag-line spam.

MJ101 - 18-6-2018 at 06:04

@j_sum1: So sorry. I did it once.

I won't do it again.

XeonTheMGPony - 14-7-2018 at 19:23

They're on a rampage, can we just send them a package, and just tell them to ignore the ticking and open it in their spam meet up group?

WGTR - 18-7-2018 at 04:43

I just reported the latest round of it, every post. Someone else needs to go back and report spam from the last 2-3 days to get all of it.

MöbiusMan - 18-7-2018 at 05:54

It can't be that much work to set up a quiz thingy mentioned before. It seems like a good option. Then we can just work through deleting the San threads and the bad guys are out.

MJ101 - 18-7-2018 at 10:32

Here's a few things you can do.

1: Report IPs
https://www.abuseipdb.com/

Depending on the forum software (We have Woltlab but we're changing to Xenforo soon) The admins can see and report malicious IP addresses.

2: SpamCop:

https://www.spamcop.net/anonsignup.shtml

This can be used by the admins to report spammers, and hopefully get them kicked off of their respective ISPs.

Captchas are great for preventing spam bots from accessing the forum. Even a simple captcha would thwart a lot of spam.

But please. Keep the Captchas simple. crystal growers' idea for a captcha with pictures of a lab setup, asking the user to identify a piece of glassware is a great idea, and would be more than enough
to strain out those with zero knowledge. At least it would force them to do some leg work to learn about lab glassware. :)

(You can glean the info simply by watching chemistry videos on youtube ;) )

Hopefully, the info presented here will help the admins to minimize the amount of spam here. :)

BTW: What's the difference between a Florence flask and a round-bottom flask?


[Edited on 18-7-2018 by MJ101]

[Edited on 18-7-2018 by MJ101]

j_sum1 - 19-7-2018 at 01:47

It must have been a bad couple of days on the spam. I disappear for a 36 hours and return to this:


Screenshot_2018-07-19-19-19-39-53.png - 117kB

streety - 20-7-2018 at 03:06

I've just reported another round of spam. Thanks to whoever it is that has already cleaned up most/all of it.

There are plenty of good ideas here for how it might be prevented in the future. What we really need to do is pick one and get it implemented.

The chemistry related question as a CAPTCHA seems the most straightforward. Using the virtual machine Polverone creates as a backup I've started making the changes. I've updated the form and now need to add choosing the question and then evaluating the response.

I'll seed it with some simple questions but the administrators should be able to add new or delete them from the database.

Screenshot from 2018-07-20 06-51-12.png - 53kB

XeonTheMGPony - 20-7-2018 at 04:31

or what is the symbol on a periodic table of X and have x element change every time. that will make it harder for the bots to learn

but looking good

WGTR - 20-7-2018 at 10:33

With this latest round of spam I've been uncomfortable reporting it from a work computer. I can imagine the questions from IT regarding why I'm clicking on threads entitled "Horny Housewives" and such.

streety - 20-7-2018 at 14:04

Quote: Originally posted by XeonTheMGPony  
or what is the symbol on a periodic table of X and have x element change every time. that will make it harder for the bots to learn

but looking good


This is a really good suggestion. I doubt the questions will need to be difficult to be effective and this style gives lots of variety.

I got the question selection part implemented this morning before going to work so just have the evaluation step to go. With a bit of luck I might be able to get this finished today.

Melgar - 20-7-2018 at 16:33

Quote: Originally posted by streety  
This is a really good suggestion. I doubt the questions will need to be difficult to be effective and this style gives lots of variety.

It was my idea!

But when I tried to fix the XMB code myself, I got bogged down in php, and then my laptop display broke. So I had to use my really old laptop with a broken space bar. I had to copy a single space to the clipboard and hit ctrl-v every time I needed to type a space. So I ended up doing a lot more reading than writing with that laptop.

Now I have a new laptop, but it's super low-end. It actually works pretty decently now that I've replaced the OS with Linux, but it's hardly a coding rig.

There's been indications that some members believe that there are actual humans behind some of this spam, but I assure you, it's about 99.9% bots. As someone who used to have a job coding workarounds for sites that tried to block me from scraping their images, I do know a thing or two about how to code effective bot logic. Bots cast a wide net, and if you put up any significant customized obstacle to stop them, it's not worth the effort for them to write the code to bypass it.

streety - 20-7-2018 at 17:00

Sorry Melgar. I think I went back to page 15 but I find these really long threads a bit intimidating. I'm sure I missed a lot.

I can understand your experience. I first learned programming with PHP but it has probably been a decade since I last used it. I moved on to python where the prime directive is to write readable code. Getting to grips with this codebase was quite the culture shock. The approach seems to have been to take code that would be understandable spread across 50 files and squeeze it all into 2 files.

However, I think I have a working implementation. I'm writing up instructions now.

streety - 20-7-2018 at 17:13

I believe I now have a simple captcha question implemented.

The steps needed to add this to the forum are:

1) Merge in the pull request on github: https://github.com/mattbernst/xmbforum/pull/1
2) Copy member.php and templates.xmb to the forum (these are the only files changed)
3) Restore the templates cache by going to the Administration panel, then templates under 'look & feel', clicking 'Restore all' and then 'yes'
4) Add the questions to the database by going to Administration panel, then 'insert raw sql' under 'database tools' and submitting the sql query in the attached file

Attachment: table_creation.sql (1kB)
This file has been downloaded 750 times

j_sum1 - 20-7-2018 at 17:44

This sounds great, sreety.
I haven't polverone's thoughts on the spam problem and possible solutions. He would need to be the one to implement this. But it sounds pretty straightforward.

I have just deleted 55 spam threads that have sprung up in the last 12 hours so a reprieve would be welcome.

streety - 20-7-2018 at 18:11

Wow, I know I've seen a lot today but had not realized it was that many. Thanks for all you and the other mod/admins do to keep the forum running and clear of spam.

I haven't contacted Polverone. Should I, or would it make more sense for you or one of the other admins/mods to contact him? I think he will get an email from github about the pull request.

The changes are fairly minimal so he should be able to evaluate their safety without difficulty. I can make changes if necessary.

I could potentially try to implement other anti-spam features if this proves to be insufficient. I think there are three broad categories of options we might consider

1) Prevent spambots from registering
Hopefully this captcha question will limit the flood

2) When they do get in limit the damge they can do
One option that might be relatively easy to implement is limiting new accounts to a single thread in the first 24 hours

3) When there is spam make it easier to clean up
I'm not entirely sure what the process is when you deal with spam. If you can describe the current process and what your ideal process would be I can try to implement something closer to your ideal.

j_sum1 - 20-7-2018 at 18:24

Right now, #1 would make a big difference. By all means contact Polverone. I have brought your efforts to the attention of the mods for discussion, but any changes reay need Polverone on board. He seems to not wander by here much these days. (Reminds me of Gandalf's visits to the Shire. Infrequent but of great import even if not much seems to change.)

Xenoid - 20-7-2018 at 18:56

Quote: Originally posted by Swinfi2  
I really like Reboots idea of a sign up quiz. say like 5 easy questions.

eg:
Balance this equation CH4 + _O2 -> _CO2 + _H2O
Give the formula product of H2SO4 + NaCl -> NaHSO4 + __
What is a Kelvin: A) A material. B) A name. C) Unit of temperature. _
Give the Element symbol for any element that's a liquid at room temperature: __
what is the SI unit for energy: _

just long enough that a human who has to look this stuff up might think ffs i'll post quicker somewhere else.
a bot should obviously fail unless its given the answers, i guess make them show up in random order.


I made this suggestion way, way back in 2012 (on page 4) - so don't hold your breath!

Regards, Xenoid

Ubya - 21-7-2018 at 14:48

something must be done fast, we are flooded with spam

RogueRose - 21-7-2018 at 14:53

I say all members stop doing the job. we've been doing it for years, offered to pay to have something programmed, and an endless other array of things. If they don't want to do something about it, there are other boards out there

WGTR - 21-7-2018 at 16:10

Can a mod do a manual delete on this one?

https://www.sciencemadness.org/whisper/viewthread.php?tid=85...

This spammer managed to reply to his own post twice; I don't think the removal script will do the job this time.

I still gladly report spam when I'm here. I don't think it's time to throw in the towel on the forum...it's generally a great resource to have, and I refer to it sometimes when trying to scratch my head through a problem at work.

j_sum1 - 21-7-2018 at 17:16

Aargh! Lost my post. Time top retype.

I have been deleting manually lately. Quite frankly the spam-cleaning script cannot keep up. By the time a spam has been reported sufficient times to trigger deletion and autobanning, several others have taken its place. And checking and processing spam reports takes as much time as checking and deleting individual spam.

So yes, we are getting a bit swamped at present. I agree that something needs to be done as a matter of urgency. Yesterday was I think a record for me -- not that I generally keep count, but I deleted 55 spam in one hit, 38 a cpouple of hours later and then another 7-10 on two or three occasions after that. And just a moment ago I deleted another dozen. So, that is in the order of 120 in 24 hours on top of whatever was deleted by other mods or removed via the spam script.

At this point, I think if we can get on top of the bot problem we will be making a great stride forward. And I think a captcha should achieve that. The one that streety wrote looks like it would work just fine. It remains to get Polverone to ok it and put in in place.

The bots are not the only problem. We have had some quite clever human-generated spam in the past. Not much recently though. This tends to be in established threads rather than in a new thread. If you see any of these then please U2U a mod or two. The message might get lost in the pile if you simply report. We also have our recidivist troll, but only one as far as I can tell. He is more nuisance than anything and pretty easy to spot. The problem he causes is insignificant compared with the magnitude of his delusions.

Thanks for your perseverance with this. Hopefully we will see an end to the unsolicited trash soon.

MJ101 - 21-7-2018 at 19:10

Quote: Originally posted by RogueRose  
I say all members stop doing the job. we've been doing it for years, offered to pay to have something programmed, and an endless other array of things. If they don't want to do something about it, there are other boards out there


@RogueRose: Spam is an unfortunate consequence of having a web forum. The only way it can be mitigated is if all of the members pitch in and report it. That goes for trolls as well, with the difference being that you -never- respond to a troll.

They exist solely to aggravate members and to draw out arguments.

Who is the forum administrator? And when was the last time anyone spoke to him/her?

symboom - 22-7-2018 at 02:06

Its a pattern so its a bot that can ve outsmarted it used key words and is repeating the same message easy to stop
Needs to be programmed in the fourm software or we could work together and update the site i all a person needs is the source code i havnt studied computers for a while
But the board does run on a linux server.

Maybe work on peice on the site addressing the problems
And make a poll

Who knows how to work on servers

streety - 22-7-2018 at 03:18

Quote: Originally posted by MJ101  
Who is the forum administrator? And when was the last time anyone spoke to him/her?


j_sum1 has indicated that only Polverone would be able to update the forum software. Last visit a week ago and last post the backup linked below.

Quote: Originally posted by symboom  
Its a pattern so its a bot that can ve outsmarted it used key words and is repeating the same message easy to stop
Needs to be programmed in the fourm software or we could work together and update the site i all a person needs is the source code i havnt studied computers for a while
But the board does run on a linux server.

Maybe work on peice on the site addressing the problems
And make a poll

Who knows how to work on servers


The code used for the forum is available at https://github.com/mattbernst/xmbforum linked to from https://www.sciencemadness.org/whisper/viewthread.php?tid=80...

There is also a backup of the site with private information removed available. This is what I worked on for the captcha question code I posted above. https://www.sciencemadness.org/whisper/viewthread.php?tid=12...

Spamergency Measures

Vomaturge - 22-7-2018 at 16:33

First off, I'd like to thank all the moderators for their time dealing with spammers, trolls,

and general forum maintenance. But I have a question on how to best help them clear

spam.

It is well known that there is a spam deletion code in the SM forums. If two trusted

members report a post using the word "spam," it will be deleted without any action from

the mods.

But the code does not always catch spam. If the account was registered previously, or the

thread has been replied to, or (I believe) the poster has made more than one spam post,

then the code won't recognize it as spam. Also, jsum_1 has explained that the code can't

keep up with very high rates of spamming, like the ones at present. In any of the above

cases, the threads must be removed by a real mod, and multiple people reporting will just

add extra reports which must be processed by hand.

So I'd like to ask the moderators, WHAT WOULD BE BETTER? ONE PERSON REPORTING AND

REPLYING "REPORTED SPAM", OR MANY PEOPLE REPORTING THE SAME THREAD

INDEPENDENTLY? The former will reduce the numbered of reports that must be examined;

the latter will lead to multiple reports per thread, and hopefully some of the threads being

deleted automatically.

As far as the chemistry question captcha goes, I like the idea. It will unfortunately make it

harder for beginning amateur chemists to register, but will greatly help in making people

UTFSE, and block spam almost 100%.

We know many of these accounts come from the same sources (same types of adds, same

IP's), and it seems like Bert had some luck finding and banning large bundles of spam

accounts using this fact. But I could be wrong as to how successful he really was.

symboom - 22-7-2018 at 17:06

Excellent anyone want to do a spam sweep by reporting the post and typing spam then report

One person does a sweep of the today's post each hour so lets say it's 6 and I report all of the spam I see then another member does the same thing 6 hours later. due to how the time zones work behind or forward in a hour this should work perfectly and it just needs 4 people

A perfect human solution
I volunteer myself just need a quick cut and paste
Of the word SPAM spell like that in capital letters
Wish I had a program to do the cut and paste
Control x and control v for paste
Although the reason there is a delay in case you acedently pressed report

Perfect computer solution
Program that can identify key repeative words
And other clues

Or we can use the catcha system the are you a robot test

Three options pick one

[Edited on 23-7-2018 by symboom]

j_sum1 - 22-7-2018 at 17:15

Bert did delete a bunch of spammer accounts but did not make any progress towards stemming the tide of new accounts. Then he got busy with fireworks season I guess.

I really don't know the details of how the script works or why it is not working. But it appears that at least one bot has a workaround and is not getting caught by the script. For example, I have noticed that while we have flood protection and cannot post more frequently than once a minute, spam threads can appear from the same account at the rate of 1 every 20 seconds. This means that manual deletion is a reality. It does not take long but it does require a certain presence and in the meantime the front page gets chocked up with garbage.

Reporting is fine. But realistically most spam reports will not get read. So, if you want to get our attention, send a regular U2U. Your proposal of reporting within the thread and messaging a mod is ok but probably will not make a lot of practical difference. At least the other way some of the spam will get processed automatically.

I am particularly interested in catching spam and trolling that appears within established threads. If you see this then send a message to a mod.

JJay - 22-7-2018 at 17:47

There are a lot of blacklists, but this is the best one I know of for spammers and trolls: http://efnetrbl.org/

Combined with IP-based blocking, it can only be defeated with some actual skills.

It's pretty easy to use... there are a few REST web services that will query it for you, or you can simply use DNS.


Corrosive Joeseph - 3-8-2018 at 16:32

As soon as one lot of spam is deleted, it just starts again, more or less, straight away.......... This is chronic



/CJ

j_sum1 - 3-8-2018 at 17:53

Phd, your trolling is a nuisance but is easily shrugged off.
Spam, from you and others is likewise a nuissance. But people here are smart enough to ignore.

We just deal with it and move on. I, for one have no qualms about deleting your crap.

Abromination - 3-8-2018 at 19:16

I still don't understand why this website is so targeted by people advertising pornography and such. I havent been here for long, but I love this site and use it to my advantage very often.
I can more understand the targeting of this site by people like PHD but despise it just as much, if not more. To prevent the bots and other fake accounts made for adult traffic advertising, a simple captia should be required and maybe even a serious of basic chemistry questions like a simple equation to balence, the scientific name for oil of vitriol (obviously sulfuric acid) or as suggested by another user (don't remember who) who suggested to fill in the blank for a common chemistry saying (do as you otta, add acid to
_____)
I doubt that this would stop trolls like PHD, but perhaps a good IP ban would do it.

j_sum1 - 3-8-2018 at 20:24

Spam has been around for a while. And it has changed in flavour from time to time. (We don't seem to be getting Chinese text, UK kitchens or Nike much these days.) At the moment we are targets of a particular set of bots. The aim of these bots is not that the spam will ever get read, but rather to raise the profile of the sites on search engines. That is what XRumer was designed for.

I agree that something should be done. One problem is that the forum software is limited, which restricts options.

I am not sure how much a captcha would change things: there is evidence that the bots circumvent some sevurity measures (eg, flood protection measures) and it is unknown what else they might get around. There is also suggestion of some human intervention at times (sad sad little life). If it seems like we are being targeted, that is probably accurate.

Best thing to do at this stage is to continually be diligent at reporting spam. Just one thread per username, so try to target threads that have already been reported (check post count). Also fix the signal to noise ratio by posting some chemistry. Spam hatred is not the reason for our existence.

symboom - 3-8-2018 at 20:47

Xevil is another program used along side xrumer
Im tired of seeing the this is a test with xrumer username

https://xevil(dot)net/en/
Removed hyperlink

This is the programs website
The program discription
XEvil — easy, fast and flexible tool for automatic recognition of most type of CAPTCHA's (included so hard captchas like Google ReCaptcha v.1 and v.2, Solve Media, Facebook-captcha, etc.).

The application replaces such services as AntiGate (Anti-Captcha), RuCaptcha, DeCaptcher, etc., and at the same time it provides for higher recognition velocity (in 10 times) and is completely free of charge.

Video says new OCR reconition.

TO WEB MASTERS
Anti-bot protection in the form of graphic captchas is going for good. It has been several years already, the captchas are recognized by various services and various application (free/non-free).

The captchas on the site can be customized continuously but this is dead end road. The captchas can push off the visitor of the site (who can be your potential customer). This type of anti-bot protection is outdated, and will go for good in 2-3 year with introduction of more modern user authentication systems.

The state of art are provided with secure protection against Spam-bots with use of the following techniques:

CloudFlare
StopForumSpam
Akismet
Encrypted with JS-protection
etc.
It takes not more than 20-30 minutes (one day for the non-expert) to ensure site protection against robots without using such repulsive for users technologies as captchas



white hat hackers use the tools that the scammers use see how it works and counteract the program from screwing up the threads

This is a suggestion for the moderators to try as they are responsible for keeping the site is good working order

All that needs to be now is defeating these two programs
Maybe make an automated script to counteract the programs
And the spam problems will be gone for good. :):):)

So they sell the problem and the solution
To the problem they created sounds like
The anti tobacco ads paid for by the tobacco companies
Ironic selling the problem and solution.


[Edited on 4-8-2018 by symboom]

Sulaiman - 3-8-2018 at 22:18

IF SM charged for example USD1.00 registration fee,
non-returnable if banned,
the problem would cease.

The fee should go to the website owner who can optionally disperse a portion of it to whichever mod. handled the registration as a compensation for time and effort.
The website owner can choose the policy whether to keep or erase registration data from the secure server separate to the SM server.


@PhD ... start saving.......

streety - 4-8-2018 at 05:13

Quote: Originally posted by j_sum1  
I am not sure how much a captcha would change things: there is evidence that the bots circumvent some sevurity measures (eg, flood protection measures) and it is unknown what else they might get around. There is also suggestion of some human intervention at times (sad sad little life). If it seems like we are being targeted, that is probably accurate.


The different software options posted by symboom do suggest that the image based captchas are not going to be helpful. Adding in a question requiring some chemistry knowledge will hopefully be more useful. Even if humans are involved I would assume their education is limited.

We are not limited to just these options though.

Quote: Originally posted by streety  
I could potentially try to implement other anti-spam features if this proves to be insufficient. I think there are three broad categories of options we might consider

1) Prevent spambots from registering
Hopefully this captcha question will limit the flood

2) When they do get in limit the damge they can do
One option that might be relatively easy to implement is limiting new accounts to a single thread in the first 24 hours

3) When there is spam make it easier to clean up
I'm not entirely sure what the process is when you deal with spam. If you can describe the current process and what your ideal process would be I can try to implement something closer to your ideal.


I posted the above two weeks ago on the assumption that the registration question would help but might not be enough. At the moment the limitation is not writing the code needed to implement our spam mitigation ideas but getting them deployed on the server. I can certainly add to the simple question already implemented and Loptr, JJay, and Melgar have all indicated they have the skills needed to help.

I don't think there is much we can do for preventing registration or limiting the damage without modifying the software on the server. The final option, making clean up easier, is definitely possible without modifying the software on the server:

Quote: Originally posted by streety  
I did wonder about that automated script myself. The admin interface in the virtual machine backup doesn't suggest there is any automated deletion system and a quick look through the code didn't reveal anything either. It's possible the virtual machine doesn't include that functionality.

Implementing/replacing an automated spam deletion script could potentially be done without needing to modify the code on the site. If the admins/mods would be willing to set up a server somewhere[0] we could create a script that every 5 minutes logged in with their credentials, or the credentials of a newly created account, and swept out any new spam.

[0] This would cost ~$2/month. I'm sure many users, including myself, could host this for free but that's a bad idea from a security perspective.

[Edited on 26-7-2018 by streety]


Having thought about this some more since making that post I remain confident it can be implemented.

j_sum1 - 4-8-2018 at 05:34

I like your thoughts, streety. TBH I am not sure what the delay is. It just needs the ok from the board owner and then to put it in place.

Some of the discussion in money...
This has come up before. Two things, it is probably more trouble than it is worth. Secondly, financial motive is just not the way this board wo3rdks and it is the better for it.

CharlieA - 4-8-2018 at 16:55

OK, I guess I'm ready to find more spam-free BB than this one. Any Suggestions?

j_sum1 - 4-8-2018 at 17:02

Quote: Originally posted by CharlieA  
OK, I guess I'm ready to find more spam-free BB than this one. Any Suggestions?


Yep. Send Polverone a U2U and tell him it is getting urgent.

CharlieA - 5-8-2018 at 16:03

j_sum1:

I did: I really have been enjoying this BB as I try to refresh my chemistry knowledge (BS, 1962), but I'm tired of reporting 10-15 spam messages every day. I appreciate all you have done with this BB, but I am ready to look for one that is (more) spam-free. Can you recommend any? Thanks. Regards,
CharlieA

Thanks for the idea. Being computer-challenged, I don't understand why one or more of the many suggestions to combat spam that are in this thread haven't been implemented.:)

streety - 7-8-2018 at 18:36

It's difficult to get a true impression of the number and frequency of spam posts from occasional visits to the forum so I decided to collect some data. I wrote a simple script that downloaded the "Today's Posts" page every 5 minutes and recorded any new topics. If any topics it had seen previously were missing it checked whether they were deleted and recorded when that happened.

The results were quite interesting so I thought I would share what I found.

I stopped the script ~12 hours ago and at that point it had been running for 6 days, 2 hours. During that time I recorded 645 spam topics for a rate of 106/day.

The histogram below shows the time it took to delete each spam topic.

spam_duration.png - 53kB

The minimum was barely above 5 minutes so I probably missed some topics that were deleted so quickly they were gone before my script downloaded the page. :o

The average was 84 minutes. 32% were deleted within 30 minutes, 47% within 60 minutes, and 79% within 120 minutes. The median was 65 minutes.

time_of_day.png - 139kB

Messages posted around 6-7am board time seemed to take the longest time to be removed.

I've stopped the script for the moment but can restart it if there is continued interest in this type of analysis.

diddi - 7-8-2018 at 19:14

excellent info streety

j_sum1 - 7-8-2018 at 22:09

Thanks for doing this streety. We have not had good information on numbers until now. I think the volume is pretty consistent with what I have observed.
What I am most interested in is the time of day that spam appears. If there is a strong pattern then it is useful to know the heaviest times. It is worth my effort to do a targeted clean up if I know that a flood is coming.

To clarify... The time of day on that graph is the time that the spam appears and not the time it is deleted???
Help me translate the times on your graph to my local time zone.


Edit
There are some interesting diagonal stripes on that graph.
Looks like a spam bot was posting at regular five minute intervals and then all posts being deleted at once.

[Edited on 8-8-2018 by j_sum1]

streety - 8-8-2018 at 03:32

The x axis is the time posted and uses the default for the board, i.e. GMT-8. I think Sydney would be 18 hours ahead.

This is adjusted for time deleted.
time_of_day_deleted.png - 139kB

This is color coded for the day. It does seem like the uptick around 6-10am occurs on multiple days. Whether that pattern will continue or not is an open question.
time_of_day_posted_by_day.png - 175kB

[edit]
I've just looked at the users and there is a surprise there as well.

There were 216 members linked to spam posts.

I assumed they were registering and then immediately posting spam. Most accounts did follow that pattern but 15 accounts were registered days before they started posting. For these 15 accounts the median delay was 8 days. There were two accounts around 40-50 days and one account that was registered 71 days before it started posting.
[/edit]

[Edited on 8-8-2018 by streety]

WGTR - 8-8-2018 at 04:37

That means that some of those accounts are old enough that they are no longer "new", and require a manual delete of the spam. That explains why some posts tend to linger after being reported.

I've noticed something before, where a bot will register and make an innocuous post like "Hi, nice post!" Or something like that, and then wait some weeks before posting spam, presumably to get around a spam deletion script.

Do you see a pattern on the types of posts/accounts that register and then wait several weeks to post, or is it pretty much the same as those that post immediately?

streety - 8-8-2018 at 05:28

Nothing jumps out at me. It seems like a mix of english characters and cyrillic. The number of posts is similar per user at ~3. The topics seem varied.

WGTR - 8-8-2018 at 16:44

I'm afraid that spam_laurie just had a very short and meaningless existence on sciencemadness. Her life snuffed out in the flower of her youth, I wish I could say that I miss her, but I truly don't.

Abromination - 10-8-2018 at 07:16

Maybe im simply not a good observer, but it appears that in the last few days that wheb someone spams the spam appears in all subforums (except detrius, ironically).
Everyone knows its a bot, that's obvious (Xrumertest maybe) but I had never noticed them doing this before. They would usually just post in genchem and occasionally some of the others.

WGTR - 10-8-2018 at 11:10

So perhaps if a new account posts to all sub forums in a short time, the spam deletion script should nuke the account? That's one idea. There are quite a few spam accounts that only post once or twice, but I've seen some like you say.

I've corresponded with woelen and j_sum1, and a possible solution is in the works. Everybody please hang in there til then and keep reporting spammers as soon as they pop their slimy little heads into the daylight.

Texium - 10-8-2018 at 11:15

Right now our solutions are quite patchy. Ultimately we will need to migrate to newer software. That's inevitable, as we can't just keep patching up this old ship forever. But, until we do that, we're just going to have to keep bailing her out as best as we can. Thanks for your patience, everyone.

And streety, thank you for presenting those analytics, that was very interesting. I can confirm that spammers sometimes get killed within 5 minutes because there are times when a new one pops up as I'm refreshing Today's Posts and I hit it within the minute it was posted!

Abromination - 18-8-2018 at 16:36

Im still trying to figure out the aim of this PHD troll. Why would he bug us? Im sure he would have better things to do than constantly come back and interfere with the calm and order of a hugely diverse international forum of chemists.

Abromination - 18-8-2018 at 16:55

Maybe you wouldn't be rejected if you didn't behave like you do.
I almost pity you. You should be concerned if a high school student is telling you that.

j_sum1 - 18-8-2018 at 17:04

You err in thinking there is some logic behind it.
There is no reason. The guy is not reasonable. That's more or less the point.

There are some indicators that our troll is also a spammer. I think he gets his jollies messing with us when he gets bored of his meaningless existence pushing spam for pennies.

On the spam front I get the impression that we are staying ahead of things at the moment. Thanks for everyone's vigilance in reporting. I think the spam is getting obliterated pretty quickly. I would love to see some stats if you have them, streety.

As far as a long term solution goes, we basically won't get much headway without a software tweak or migrating to a new system. Both of these require approval and input from Polverone; who has been frequently absent of late. This means glacier-slow progress unfortunately.

We have had a bit of a discussion on a workaround involving passwords on the forums. There are numerous problems to this idea - principally that a password would be required to view as well as to post. I think it would also blind search engines. Which would mean no spam but probably few new members. It would place a obstacle for infrequent old members. And if Google can't find the board (which is what I suspect) then goodbye to a lot of the board's usefulness.

streety - 19-8-2018 at 16:55

After the previous run of 6 days I stopped the script so no new update. I have been updating it to produce something more robust and, after discussing with woelen what would be needed, beginning to develop a script to actively delete spam posts.

I've just now set the spam monitoring script running again on a more permanent basis so will begin providing updates going forward.

The intention for the active part of the script will be to submit a spam report to trigger the automatic deletion script on the server. This might not work for all the spam but seemed like the safest first step as very little damage can be done by sending a U2U.

As far as I know the most recent description of the automatic deletion script is from page 8 of this topic:

Quote: Originally posted by Polverone  
I have tweaked the reporting process, somewhat inspired by violet sin. Before spam had to be reported by two trusted members or one moderator before it was auto-deleted. Now it will be auto-deleted if it is reported by one trusted member and one 'semi-trusted' member. Everyone who has been registered at least 60 days and has at least 50 posts automatically becomes a member of the 'semi-trusted' group. This should reduce the waiting time for spam deletion, and means that any frequent user of the site can help stamp out spam.


The idea is to make this more aggressive by

- expanding the pool of members able to trigger a deletion (but still requiring 2 members)
- automatically triggering deletion if a new member starts multiple new topics

I'm currently looking at whether we can use machine learning to go more aggressive on deletion but with having some safeguards. For example, by triggering deletion on the report of a single user instead of two if the machine learning model also thinks a post is spam.

I'll finish with some historical statistics. For the machine learning model I have examples of spam posts but I also need examples of genuine posts. I could use everything on the forum but the first posts from users would be best. There are 8835 members on the forum with at least one post. Somewhat to my surprise the majority (5062) started a new topic with their first post. Most of those (4206) posted within a day of registering on the forum.

JJay - 20-8-2018 at 11:41

Question: When you see a spammer posting several new posts, which one do you report? The oldest one?

WGTR - 20-8-2018 at 11:43

Usually I do, but it depends on which one(s) have the most view counts. Usually the oldest one looks like several people have already looked at it (and have presumably
reported it).

fusso - 21-8-2018 at 05:09

Quote: Originally posted by streety  
The x axis is the time posted and uses the default for the board, i.e. GMT-8. I think Sydney would be 18 hours ahead.

This is adjusted for time deleted.


This is color coded for the day. It does seem like the uptick around 6-10am occurs on multiple days. Whether that pattern will continue or not is an open question.


[edit]
I've just looked at the users and there is a surprise there as well.

There were 216 members linked to spam posts.

I assumed they were registering and then immediately posting spam. Most accounts did follow that pattern but 15 accounts were registered days before they started posting. For these 15 accounts the median delay was 8 days. There were two accounts around 40-50 days and one account that was registered 71 days before it started posting.
[/edit]

[Edited on 8-8-2018 by streety]
@streety can you please also analyse the frequencies of real posts?

Highlight reported posts

fusso - 23-8-2018 at 10:22

Quote: Originally posted by Polverone  
I have tweaked the reporting process, somewhat inspired by violet sin. Before spam had to be reported by two trusted members or one moderator before it was auto-deleted. Now it will be auto-deleted if it is reported by one trusted member and one 'semi-trusted' member. Everyone who has been registered at least 60 days and has at least 50 posts automatically becomes a member of the 'semi-trusted' group. This should reduce the waiting time for spam deletion, and means that any frequent user of the site can help stamp out spam.

To make others know that a post had already been reported, put an icon before the subject if a trusted member has reported it. Put another icon there if a semi-trusted member has reported it. This can reduce number of reports and u2us.

What should we write when reporting trolls?

fusso - 24-8-2018 at 08:36

Should we write "spam" or "troll" when reporting trolls?

streety - 28-8-2018 at 13:58

fusso, what would you like to know about the legitimate posts? I can extract quite a lot of information from the backup.

The icons would be a good idea if we continue to struggle with spam. I'm hoping we are close to a major improvement.

I've been able to train a machine learning model to detect spam posts with high accuracy and have now modified the monitoring script to send spam reports. If run by a admin or mod account the reports should trigger the automatic deletion script on the server. To avoid mistakes it will only trigger if:
- a new user (less than 48 hours old) starts two or more new topics detected as spam
- a new user starts one topic detected as spam that is also reported by a member

As the spammers change their content the performance of the model will eventually degrade but it will be easy to update it.

diddi - 28-8-2018 at 14:05

just write
"spam"

j_sum1 - 29-8-2018 at 04:16

For interest' sake...
I have not cleared my u2u trash for about four months. (Late April or early May.) The only thing in there is spam reports.

You are all doing a grand job. And even though the bots are persistent, I get the feeling we are staying ahead of the mess.
But this does illustrate the size of the problem.



trashbox.jpg - 36kB

fusso - 29-8-2018 at 07:46

Quote: Originally posted by streety  
fusso, what would you like to know about the legitimate posts? I can extract quite a lot of information from the backup.

The icons would be a good idea if we continue to struggle with spam. I'm hoping we are close to a major improvement.

I've been able to train a machine learning model to detect spam posts with high accuracy and have now modified the monitoring script to send spam reports. If run by a admin or mod account the reports should trigger the automatic deletion script on the server. To avoid mistakes it will only trigger if:
- a new user (less than 48 hours old) starts two or more new topics detected as spam
- a new user starts one topic detected as spam that is also reported by a member

As the spammers change their content the performance of the model will eventually degrade but it will be easy to update it.
I'd like to know the distribution of posts in different time periods of a day.

streety - 1-9-2018 at 07:05

This first figure is the frequency of posting over the complete period of the board:

post_frequency.png - 62kB

This is the figure showing the frequency of posts for each hour of the day. The time is the same as the board (UTC-8) so the peak is approximately, 12pm pacific time, 3pm eastern time, 8pm UTC, 5am in Sydney.

time_of_day_all_posts.png - 59kB

In putting together these figures I discovered two odd posts. The post date is 1969. In the database they are represented by timestamp values of 0 and 1. They are also clearly spam but then there are 8 pages of legitimate content.
https://www.sciencemadness.org/whisper/viewthread.php?tid=21...

Diachrynic - 2-9-2018 at 03:58

Can someone confirm this pattern? The bots seem to post in a certain order when spamming. Just an observation. Might be interesting to check if the pattern holds. (I just realized there is not so much order as I had hoped with that last one. Still.)



ic-5302.jpg.png - 125kB

ic-8857.jpg.png - 129kB

j_sum1 - 2-9-2018 at 14:17

There is at least one bot that hits all 14 forums. And for some reason is able to bypass the flood protection. Your post indicates two spam per minute but it is sometimes an much as three.

There are some other similar spam that arise and only hit one forum -- usually Gen Chem. I think these ones get thwarted by flood protection.

Diachrynic - 10-9-2018 at 14:23

Idea: what if we take the ten most common English words and run a quick check over a new post. If there is a high enough deviation (which can be as much as only one word of that list in the entire post) it needs to be checked by a moderator first before it gets send. This should only apply to new topics. The moderator then either decides to show it or to trash it.

Of course bots can easily circumvent this, but maybe there is some use to this idea.

The idea is also flawed in that it is not automatic. In order to prevent legitimate topics from being trashed a human being is needed. But the mods could be completely overwhelmed by the number of posts.

Like I said, just something that came to my mind because I noticed the bots just shove a bunch of keywords into a post but almost never say "I am trying to do the..." or something like that.

Swinfi2 - 10-9-2018 at 17:39

@streety the "don't you like sex" thread. I read the first 2-3 pages and it looks like a compilation of everything to do with nerve agents/drugs and other bad stuff that (when organised as such) kinda implicates the forum staff as they have posts amongst it.

I have a hard time believing the post is "real" as many posts reference poeple/posts that are missing and context jumps. It looks to me like an AI word salad of coppied posts to give the appearance of coherance.

How could that even happen? That thread freaks me out, it looks like a set up imo.

fusso - 11-9-2018 at 14:01

Quote: Originally posted by Swinfi2  
@streety the "don't you like sex" thread. I read the first 2-3 pages and it looks like a compilation of everything to do with nerve agents/drugs and other bad stuff that (when organised as such) kinda implicates the forum staff as they have posts amongst it.

I have a hard time believing the post is "real" as many posts reference poeple/posts that are missing and context jumps. It looks to me like an AI word salad of coppied posts to give the appearance of coherance.

How could that even happen? That thread freaks me out, it looks like a set up imo.
And I briefly skimmed a few posts starting from the bottom. I noticed some spam posts at the bottom. Going up, the thread seemed to be detritused due to trolls. And I found a few currently active members there. I hope someone who was involved could explain it for dummies.

j_sum1 - 11-9-2018 at 14:07

I don't recall the thread. U2u me a link. If it is in detritus then that might be too good a place for it. Sounds like nothing will be lost in killing it.

fusso - 11-9-2018 at 14:13

Quote: Originally posted by streety  
In putting together these figures I discovered two odd posts. The post date is 1969. In the database they are represented by timestamp values of 0 and 1. They are also clearly spam but then there are 8 pages of legitimate content.
https://www.sciencemadness.org/whisper/viewthread.php?tid=21...
@jsum well here you are.

j_sum1 - 11-9-2018 at 14:46

Quote: Originally posted by fusso  
Quote: Originally posted by streety  
In putting together these figures I discovered two odd posts. The post date is 1969. In the database they are represented by timestamp values of 0 and 1. They are also clearly spam but then there are 8 pages of legitimate content.
@jsum well here you are.


Ok. I took a look. It can stay in detritus. It actually looks like a collection of stuff from several different threads including trolling, spamming and legitimate discussion of two or three different topics.
I don't know the thread's history -- it all seems weird. But it is not doing any harm where it is.

Negative 15 posts?

WGTR - 13-9-2018 at 17:00



spam.jpg - 49kB

CharlieA - 14-9-2018 at 16:47

Tonight is especially frustrating...3 pages of posts today, and 2 pages of them are spam. I think when a new account is made, the account shouldn't be able to post for a week. There is much talk here about this subject but nothing seems to get done about it. I wish I were computer literate but I'm not, so I'm unable to do anything about it (except leave the forum).:(

streety - 15-9-2018 at 05:25

This is an update on my post from the top of page 19.

The script was updated and run every 2 minutes. I restarted it on the 19th and analyze only full days below, so from the 20th August to the 14th September.

During that time I recorded 2803 spam topics for a rate of 100/day.

The histogram below shows the time it took to delete each spam topic.

spam_duration_20180915.png - 56kB

The minimum was again barely above the sampling frequency of the script so I still probably missed some topics that were deleted so quickly they were gone before my script downloaded the page. Should be less than last time though.

The average was 69 minutes(down from 84 minutes). 34% (up from 32%) were deleted within 30 minutes, 64% (up from 47%) within 60 minutes, and 83% (up from 79%) within 120 minutes. The median was 45 minutes (down from 65 minutes).

There isn't much effect of time of day on spam duration in this period.

time_of_day_posted_20180915.png - 107kB

time_of_day_deleted_20180915.png - 105kB

You may notice the topic deleted after more than 3000 minutes. It was not a spam post so I may need to think about how to handle deletions that are not spam related. In this case it seems to be a legitimate member who created a new topic in error instead of a reply to an existing topic. It was then later cleaned up by an administrator.

spam_posts_per_day_20180915.png - 141kB

Yesterday was particularly bad for spam. Hopefully it won't be the start of an up-tick in the posting frequency.

JJay - 21-9-2018 at 13:17

The spammers are in rare form today. I have never seen so much. I must have reported 20 of them this morning.

WGTR - 21-9-2018 at 14:04

I would suggest that Polverone add some extra people to the trusted reporters list. When I check in I often find spam that's been here for 6 hours or more, with a couple dozen views and presumably at least half that many reports. Then when I report it, the thread is gone within a minute or two. That tells me that the people doing most of the reporting aren't "trusted reporters" yet. Keep reporting it though, because Polverone keeps an eye on who's doing the reporting, and sometimes adds additional people to the "trusted" list. Also, when I log in I can clear out several pages of spam at one go if others have already reported it.

streety - 21-9-2018 at 19:35

The past few days have been quite bad but today doesn't seem extraordinary.

spam_posts_per_day_20180921.png - 141kB

The median period of time spam posts are hanging around was a little higher than usual.



I have been working with woelen to deploy a script to help with the spam. I should really follow up on that. Essentially it would do exactly as you suggest and increase the impact more members could have.


Edit to include most recent day in duration plot. Changing the interpretation.
[Edited on 22-9-2018 by streety]

[Edited on 22-9-2018 by streety]

spam_posts_durations_per_day_20180921.png - 134kB

symboom - 21-9-2018 at 21:12

Anyone know if they are using AI (artificial intelligence) yet
Got to be ahead of the game. Divergent and convergent thinking

Open message
To streety
This guy lesterpq11 look at for pattern see key words to outwit the AI

AI seems to try to imitate humans where ever it gets the info from


[Edited on 22-9-2018 by symboom]

Melgar - 22-9-2018 at 00:09

Oh, I did some analysis on the test database. Turns out 99% of our users have 0 posts. Most of those registrations were automatic, and had names that had obviously generated automatically. It seems our active membership is perhaps around 8000.

By the way, my efforts to get this site working using phpBB has had quite a few breakthroughs in the last week or so. Check it out:

http://35.185.63.230/talk/index.php

The theme is just a random one, and other themes can be added and used. There are some bbcodes that I've had difficulty converting, and there's definitely some more things that would need working out, but the hardest parts are all behind me now. Thoughts?

[Edited on 9/22/18 by Melgar]

fusso - 22-9-2018 at 05:19

Quote: Originally posted by Melgar  
By the way, my efforts to get this site working using phpBB has had quite a few breakthroughs in the last week or so. Check it out:

http://35.185.63.230/talk/index.php

The theme is just a random one, and other themes can be added and used. There are some bbcodes that I've had difficulty converting, and there's definitely some more things that would need working out, but the hardest parts are all behind me now. Thoughts?[Edited on 9/22/18 by Melgar]
Why is the last post in 2016 not something more recently (eg this year)?

[Edited on 22/09/18 by fusso]

Melgar - 22-9-2018 at 05:34

Because I'm working with an older database backup that was stripped of personal information by Polverone. The idea was to write the code to do it on the older database backup as a proof of concept, then use the same or similar code to convert the live database when we're ready to do that.

There have been pushes to do this for years now, and migrating would certainly solve the spam problem.

RogueRose - 22-9-2018 at 10:16

This may have been asked and stated but I haven't seen it. How many reports of spam are needed for all the users posts to be deleted?

What I want to know is if I see 10 posts by a user, how many need to be reported for the program to sweep up all their posts?

CuReUS - 23-9-2018 at 02:19

anti spam measures - https://web.archive.org/web/20151125135503/http://www.ninjap...

distilled from wiki-https://en.wikipedia.org/wiki/Forum_spam#Spam_prevention
Quote:
1.Blacklisting services such as fspamlist, StopForumSpam and keep databases of IP addresses, usernames and e-mail addresses used to post spam or register forum accounts.Forum software can query these lists and either deny posts or registration, or submit the request for human moderation. This is similar to DNSBL services.

2.Simple CAPTCHA systems which display alphanumeric characters have proven vulnerable to optical character recognition software but those that scramble the characters appear to be far more effective

3.Textual confirmation,in which the user answers one or more random questions to prove that he/she is not a spambot - ( doesn't have to be chemistry questions,could be questions like "how many letters in sciencemadness" or in which language is it ?)

4.Confirmation e-mails to registering users prior to allowing the user a first log in, either containing a site-generated password or an activation code/link

5.Authoritative voice, using an external filtering service to get a verdict if the data is spam or not.( free filtering services available)

6.Denial of registration from certain domains that are a major source of spambots, or even domain extensions such as .ru, .br, .biz

7.Using a search engine to investigate usernames for hits as recognized spambots on other forums(this could be coded into SM so that it does it automatically.)

8.Changing technical details of the forum software to confuse bots — for example, changing "agreed=true" to "mode=agreed" in the registration page of phpBB

9.Blocking posts or registrations that contain certain blacklisted words ( can be automated)

10.A useful technique for proactive detection of well-known spammer proxies is to query a search engine for this IP. It will show up on pages that specialize in the listing of proxies.( again can be automated)

11.Redirecting spammers to "spam subforums" to direct spam away from human users on the main site( or even do a return to sender approach and beat them at their own game :D)


My own suggestions-
1.Most spammers have a link in their message,so we could detect posts with links and block them(for 1st post only)
2.Do not allow newly registered members to post more than 1 message or in more than 1 sub forum.
3.Block usernames or posts with non english alphabets

someone had posted an amazing idea is this thread,but I can't seem to find that post now.The idea was to run usernames through a password strength checker.Since bots use long alphanumerical strings,they would indirectly make very strong passwords,which could be detected and blocked.
We must do something fast,or pretty soon we would have to build another arc to escape this flood :(

[Edited on 23-9-2018 by CuReUS]

RogueRose - 23-9-2018 at 08:12

I have a feeling that there is more going on than just spam. I have a feeling that the posts might be a way to pass messages to others with no record of them. The posts are up for a short time and then the "system" erases them. While they are up they are grabbed. I would suspect that the spam bots wouldn't continue to post here if it wasn't getting some kind of return. It wouldn't post with such furry unless there was a benefit being had and I don't think it is members buying access to adult sites or ED pills.

This could be a serious issue that really needs taken care of and is wreckless allowing it to continue.

The mods should "deputize" some of the members to allow them to review the first posts of new members, all new posts get held until "OK'd" by a "deputy SPAM bot". The member checks a hidden sub forum where the new posts are sent and clears good posts. This would also work well to block people from signing up to reply to 9 year old threads applauding a cook and bashing someone protecting the forum.


Melgar - 23-9-2018 at 12:46

It's just bots that scan the internet for message boards that they're able to automatically register at. They use various tactics to try and make it harder to keep them out. Some of these tactics probably don't make any logical sense, but they kind of operate on a "throw a bunch of shit at the wall and see what sticks" philosophy. The only real way out is to migrate to software that's still being actively developed, which I'm trying to do with phpBB. If anyone has any thoughts on this, I'd love to hear to them. If you want server access, send me your RSA public keys, and I'll add you to authorized_hosts. If you want admin access on the phpBB test site, register at the link I posted above, and message me your username, and I'll make you an admin. If you want to look at the forum databases, I'm running a virtual machine of the XMB server within the phpBB server, and you can access both MySQL databases via TCP/IP if you're logged in. I have it set up so I can easily pull data in from both databases via a Ruby console. Like, to show data for a random user, you can type XMB.members.random, or PHPBB.users.random, respectively. I would really like some help with the PHP part, since my own PHP skills are severely lacking. I've gotten this far mainly by using Ruby and relying on my decent SQL background. Most of the rest of what's left is just annoyances. Like the fact that [size] and [attachment] tags work differently in phpBB. I'm not sure whether to try and script the conversion of XMB tags to their phpBB versions (something I did already with the [rquote] tags) or try and make the XMB bbcode tags work as they are.

Right now, the goal is to get it to a point where we like how it looks, then set up a new board with all the settings imported from the one I'm working on now. Presumably run by Polverone. Then use the tools we've developed to transfer the data over.

XMB hasn't been actively developed since 2009, and I'm pretty sure we had a consensus a long time ago that we're going to have to transition to new software if we ever want to address this problem. Correct me if I'm wrong.

RogueRose - 24-9-2018 at 04:15

Quote: Originally posted by Melgar  
It's just bots that scan the internet for message boards that they're able to automatically register at. They use various tactics to try and make it harder to keep them out. Some of these tactics probably don't make any logical sense, but they kind of operate on a "throw a bunch of shit at the wall and see what sticks" philosophy. The only real way out is to migrate to software that's still being actively developed, which I'm trying to do with phpBB. If anyone has any thoughts on this, I'd love to hear to them. If you want server access, send me your RSA public keys, and I'll add you to authorized_hosts. If you want admin access on the phpBB test site, register at the link I posted above, and message me your username, and I'll make you an admin. If you want to look at the forum databases, I'm running a virtual machine of the XMB server within the phpBB server, and you can access both MySQL databases via TCP/IP if you're logged in. I have it set up so I can easily pull data in from both databases via a Ruby console. Like, to show data for a random user, you can type XMB.members.random, or PHPBB.users.random, respectively. I would really like some help with the PHP part, since my own PHP skills are severely lacking. I've gotten this far mainly by using Ruby and relying on my decent SQL background. Most of the rest of what's left is just annoyances. Like the fact that [size] and [attachment] tags work differently in phpBB. I'm not sure whether to try and script the conversion of XMB tags to their phpBB versions (something I did already with the [rquote] tags) or try and make the XMB bbcode tags work as they are.

Right now, the goal is to get it to a point where we like how it looks, then set up a new board with all the settings imported from the one I'm working on now. Presumably run by Polverone. Then use the tools we've developed to transfer the data over.

XMB hasn't been actively developed since 2009, and I'm pretty sure we had a consensus a long time ago that we're going to have to transition to new software if we ever want to address this problem. Correct me if I'm wrong.


Yes, I know very well how SPAM bots work in a normal manner, but what I'm saying is that how can you ever tell what it is doing? I've never seen spam posted like on this board, anywhere, where 5,000 character posts are repeatedly posted day after day with new (or slightly altered) content. To me, it looks like coded messages and unless you've dealt with that before, I doubt you would understand what to look for - and THAT IS what it looks like to me.

If there is anything I or anyone else can do to help, let us know

WGTR - 24-9-2018 at 17:08

I just went to send a U2U, and was informed that I have to delete some messages, as I've exceeded my limit of 5000. I have something like 5,600 messages in my outbox.

Apparently when I report spam, a message gets sent to every admin, every time...and they don't get automatically deleted.

Now, since I have a few dozen sent messages that I'd like to keep, I have to go into my outbox and manually look through all 5,600 of these spam reports so that I don't accidentally delete something important. Sigh.

j_sum1 - 24-9-2018 at 18:02

Quote: Originally posted by WGTR  
I just went to send a U2U, and was informed that I have to delete some messages, as I've exceeded my limit of 5000. I have something like 5,600 messages in my outbox.

Apparently when I report spam, a message gets sent to every admin, every time...and they don't get automatically deleted.

Now, since I have a few dozen sent messages that I'd like to keep, I have to go into my outbox and manually look through all 5,600 of these spam reports so that I don't accidentally delete something important. Sigh.

Set up a new folder for U2Us you want to keep. Scroll through and click everything that is not a spam report and then move to your new folder. Once done you can delete everything else.
It is a bit of a pain but it won't actually take too long. I did the same thing when I took on the mod role.

WGTR - 24-9-2018 at 18:17

Huh. I didn't know you could add folders like that, but I figured it out. Thanks! It looks like that's exactly what I needed.
 Pages:  1  ..  3    5    7