[support] Spammers

Neil Adair neiltadair at gmail.com
Thu Nov 1 18:05:36 UTC 2012


I've been impressed with Honeypot http://drupal.org/project/honeypot which
adds a field only bots see (like botcha) and also uses a time limit. If a
form is completed in less than a configurable time (default 5 sec) it is
rejected. Bots usually fill forms in milliseconds and can't afford to hang
around for longer so this is a particularly effective defence. I think
captcha and recaptcha are almost useless now and depending on spammer lists
(requiring lots of calls to an external service) can be slow.

Neil

On Tue, Oct 30, 2012 at 7:17 PM, Jamie Holly <hovercrafter at earthlink.net>wrote:

> Still not a guarantee. There is no guarantee for stopping spam. Just ask
> Google, Hotmail, Facebook, Twitter, etc.
>
> One of the big things going on now is that companies are paying people
> to create accounts. They also use proxies from computers infected with
> viruses, which makes it extra hard to catch.
>
> For one client, that has seen over 40,000 spam account in the past 2
> months (we tried Mollom, Botcha, every Captcha method and Bad Behavior).
> I have been trying numerous, custom modules and methods. I have one that
> is working really well right now. I'm afraid to release it though, since
> if the spammers get a hold of it then they can see the work around.
>
> What you need to do is be very vigilant. Record the request headers and
> look for things in there that might give it up. Try to limit the number
> of registrations for a period of time for each IP. Block the countries,
> if they are all coming from a certain one. Actually you can block the
> registration page for those countries.
>
> But, as I said in the beginning, there is not a fool-proof way. If
> someone does come up with it, then their name would be about as common
> as Bill Gates and their wallet close to the same size. The big companies
> spend millions trying to fight spam accounts and are still losing out on
> the battle.
>
> Jamie Holly
> http://www.intoxination.net
> http://www.hollyit.net
>
> On 10/30/2012 5:00 PM, Lynn wrote:
> > The only module you'll need for all spam (comments, bogus account
> creation, etc)... works awesome.
> > http://drupal.org/project/botcha
> >
> > On Oct 30, 2012, at 11:21 AM, Patrick Avella wrote:
> >
> > > Hi Nancy, unfortunately blocking individual IPs and blocks of IPs does
> > > not guarantee you're blocking a specific country. There is a GeoIP
> > > Apache module that translates IP addresses into geographic location,
> > > and happens at the web server layout. This is much different than the
> > > built in IP-Blocking that happens in the drupal layer and is much less
> > > flexible.
> > >
> > > I would not recommend blocking blocks of IP addresses w/o Geo look up
> > > information, as you're not guaranteed uniform IP address allocation
> > > globally.
> > >
> > > On Tue, Oct 30, 2012 at 12:51 PM, Ms. Nancy Wichmann
> > > <nan_wich at bellsouth.net> wrote:
> > >> You don't need any modules to block IPs. Go to
> > >> admin/config/people/ip-blocking
> > >>
> > >> Nancy
> > >> Injustice anywhere is a threat to justice everywhere. -- Dr. Martin
> L. King,
> > >> Jr.
> > >>
> > >> ________________________________
> > >> From: Patrick Avella
> > >> You can also block countries via GeoIP and apache,
> > >>
> > >>
> > >> --
> > >> [ Drupal support list | http://lists.drupal.org/ ]
> > > --
> > > [ Drupal support list | http://lists.drupal.org/ ]
> >
>
> --
> [ Drupal support list | http://lists.drupal.org/ ]
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.drupal.org/pipermail/support/attachments/20121101/a0cf823c/attachment.html 


More information about the support mailing list