You are not logged in.

#1 2021-05-05 20:02:17

twoion
ほやほや
Registered: 2015-08-10
Posts: 3,209

PSA: Expanding IP block lists to combat spam posters

Pretty much since the beginning of this site we have employed IP block lists (ipsets) issued by Stop Forum Spam and other organizations in order to prevent abuse of the forum by spammers. For the past 5 years, it has been almost always smooth sailing with a wave of spam here and there. For 2+ weeks now, however, we have noticed an increase in the number of spammers who manage to register and/or post. As a response, we have increased the "cardinality" of the IP set by including more expansive block lists.

The size of the block IP set has roughly doubled to more than 750k IP addresses OR IP address ranges -- I'll run a script some time later to compute the actual number of addresses, but it's safe to say that now several million of unique IP addresses are being blocked. The blocking disallows registering, posting, and logging in. It is still possible to read the forum. The blocking is limited to forums.bunselabs.org only.

As such, the likelihood of false positives increaes, and legitimate new users, even existing users may find themselves in front of the annoying 403 block screen. If you find yourself in that position, please email, as instructed, admin@bunsenlabs.org with your forum handle and if possible IP address, and we'll unblock you and if possible your ISP's network using a separate whitelist.

In any case, we apologize for any inconvenience these measures may cause. If the inconvenience becomes too great, perhaps we'll roll back the changes, but let's see first if it isn't more beneficial than detrimental.


Nassdachs

Offline

#2 2021-05-05 20:24:20

yoda
Member
From: Montreal
Registered: 2018-12-28
Posts: 151
Website

Re: PSA: Expanding IP block lists to combat spam posters

I own an AntiSpam company ( 20 years) and yes, the last 2 weeks were insane... Huge Spam increase...


According to Buddhism, we all met several times... This time, it's on this forum :-) May we meet again

Offline

#3 2021-05-06 00:38:15

johnraff
nullglob
From: Nagoya, Japan
Registered: 2015-09-09
Posts: 8,003
Website

Re: PSA: Expanding IP block lists to combat spam posters

@twoion thanks for keeping a grip on this!
I can also vouch for the recent increase in spam.

@legit potential members - please don't be put off if you hit that rejection screen. You'll be more than welcome once you get in. smile


...elevator in the Brain Hotel, broken down but just as well...
( a boring Japan blog (currently paused), idle Twitterings and GitStuff )

Introduction to the Bunsenlabs Lithium Desktop

Offline

#4 2021-05-06 03:39:32

hhh
Meep!
Registered: 2015-09-17
Posts: 11,816
Website

Re: PSA: Expanding IP block lists to combat spam posters

Everyone trying to make a quick Internet-scam buck or manipulate societies and governments for their own agendas. This is why we can't have nice things, people!

Offline

#5 2021-05-06 07:11:55

damo
....moderator....
Registered: 2015-08-20
Posts: 6,619

Re: PSA: Expanding IP block lists to combat spam posters

Maybe blocking all dot ru and dot info addresses would help a lot!


Be Excellent to Each Other...
The Bunsenlabs Lithium Desktop » Here
FORUM RULES and posting guidelines «» Help page for forum post formatting
Artwork on DeviantArt  «» BunsenLabs on DeviantArt

Offline

#6 2021-05-06 09:52:33

twoion
ほやほや
Registered: 2015-08-10
Posts: 3,209

Re: PSA: Expanding IP block lists to combat spam posters

damo wrote:

Maybe blocking all dot ru and dot info addresses would help a lot!

We have a few legit active users with .ru email addresses, and unfortunately also one (some?) with an .info email address...


Nassdachs

Offline

#7 2021-05-07 16:35:38

THX1138
Member
Registered: 2019-01-14
Posts: 208

Re: PSA: Expanding IP block lists to combat spam posters

I'm not a professional website builder but host sites that I do build on hosts that provide cpanel. The web host provider throws in a professional spam filter site as part of the package and it does a pretty good job of filtering out email spam. I have also found that wordpress has some good plugins to deal with the issues. One thing I found useful was putting the login page at a different address and updating the site to reflect that change with url redirection in various pages. so that "somesite.com/login-page" was now at "somesite.com/xyz/abc/login-page" it confuses a lot of spambots that are looking for various pages associated with login, posts, and signups for any particular software such as a well known forum software, or wordpress etc. It might be worth changing relevant pages URL's to confuse bots


The telephone is an antiquity - you never know who is calling, there is no image, it is an outmoded product which constantly disrupts work (Ralf Hutter (Kraftwerk)) ps: my wife knows how much I dislike being disrupted at Work - Ralf Hutter hit the nail on the head there

Offline

#8 2021-05-10 02:58:48

DeepDayze
Like sands through an hourglass...
From: In Linux Land
Registered: 2017-05-28
Posts: 1,239

Re: PSA: Expanding IP block lists to combat spam posters

twoion wrote:
damo wrote:

Maybe blocking all dot ru and dot info addresses would help a lot!

We have a few legit active users with .ru email addresses, and unfortunately also one (some?) with an .info email address...

for .ru emails you might need to deny all then poke holes to allow those with legitimate .ru emails, so Russian members might need to interact with admin to register as a vast majority of spam comes from .ru email addies.

A whitelist is necessary in my opinion to permit those who are legitimate to join who have emails in blocked domains.

Last edited by DeepDayze (2021-05-10 03:00:44)


Real Men Use Linux

Offline

#9 2021-05-10 06:50:24

ohnonot
...again
Registered: 2015-09-29
Posts: 5,482

Re: PSA: Expanding IP block lists to combat spam posters

DeepDayze wrote:

for .ru emails you might need to deny all then poke holes to allow those with legitimate .ru emails

I'm sure that's exaggerated.
I agree that a lot of malicious stuff comes from Russia, but not to that extent. Also I'm sure that it would be easy for even the dumbest spammer to register an email with a different tld.
This way, you're just alienating legitimate members from Russia. Sure we don't want to do that - really, most Russians are totally normal people, just like everywhere else on this world.


Give to COVAX! Here or here. (explanation)

Offline

#10 2021-05-10 17:33:20

damo
....moderator....
Registered: 2015-08-20
Posts: 6,619

Re: PSA: Expanding IP block lists to combat spam posters

ohnonot wrote:
DeepDayze wrote:

for .ru emails you might need to deny all then poke holes to allow those with legitimate .ru emails

I'm sure that's exaggerated.....

You don't have to delete spam, and manually ban the dot ru and dot info users who manage to register, on a daily basis. I usually handle several every day.


Be Excellent to Each Other...
The Bunsenlabs Lithium Desktop » Here
FORUM RULES and posting guidelines «» Help page for forum post formatting
Artwork on DeviantArt  «» BunsenLabs on DeviantArt

Offline

#11 2021-05-10 17:51:33

DeepDayze
Like sands through an hourglass...
From: In Linux Land
Registered: 2017-05-28
Posts: 1,239

Re: PSA: Expanding IP block lists to combat spam posters

ohnonot wrote:
DeepDayze wrote:

for .ru emails you might need to deny all then poke holes to allow those with legitimate .ru emails

I'm sure that's exaggerated.
I agree that a lot of malicious stuff comes from Russia, but not to that extent. Also I'm sure that it would be easy for even the dumbest spammer to register an email with a different tld.
This way, you're just alienating legitimate members from Russia. Sure we don't want to do that - really, most Russians are totally normal people, just like everywhere else on this world.

I moderate a small board and noticed a lot of bots that register from *.ru emails so the admin of that site blocked the entire *.ru domain and that helped drop the bots to some extent. As for .info emails, those are being researched still...

When a domain gets blocked they will migrate to another one so it's a matter of time the spam will rise again.

Last edited by DeepDayze (2021-05-10 17:52:39)


Real Men Use Linux

Offline

Board footer

Powered by FluxBB