# spam attack



## EricNoah (Jun 7, 2006)

See messages below mine.


----------



## Piratecat (Jun 7, 2006)

Thanks, Eric! The fastest way is to report the post. That emails everyone.

I deleted your post in General, as well.  No longer needed.


----------



## EricNoah (Jun 7, 2006)

There was one I didn't even want to open -- hard to report in that case.


----------



## Piratecat (Jun 7, 2006)

Heh, understood. No photos, only links. Both are now on the banned list.


----------



## ColonelHardisson (Jun 7, 2006)

Looks like I missed all the fun. Shucks.


----------



## Piratecat (Jun 7, 2006)

If by fun you mean spam from a poster with the username "monsterc**k", then yes, yes you did!


----------



## TheLe (Jun 7, 2006)

Piratecat said:
			
		

> Thanks, Eric! The fastest way is to report the post. That emails everyone.




Actually, I was in the thread and tried to  _report a post_, but could not find that option anywhere.

`Le


----------



## Keith Robinson (Jun 7, 2006)

TheLe said:
			
		

> Actually, I was in the thread and tried to  _report a post_, but could not find that option anywhere.
> 
> `Le




It's the little white triange with with exclamation mark in the middle, located in the bottom left of the user panel next to every post.   

I think I've explained that terribly, but hey ho!


----------



## EricNoah (Jun 7, 2006)

It looks like this:


----------



## Knight Otu (Jun 7, 2006)

Whoa!! Meta looks horrible with all those deleted threads!


----------



## Piratecat (Jun 7, 2006)

I'm counting 19 in Meta during the last week, plus four automatically caught and moved. A few more elsewhere as well.

We must have gotten on someone's list.


----------



## Michael Morris (Jun 7, 2006)

Two weeks ago the algorythm used in PHP GDK for human verification (you know, the squiggly letter) was finally cracked.  The result is now we're getting inundated with bots.  I'll need to up the paranoia on the spam filters it seems as they are only really meant as a second line of defense.

Another more asinine solution is to forbid new posters from creating new threads until the account is 1 month old or they make new posts.

I'll think of something.  As I said along with a few explicatives on www.nutkinland.com - two can play the script writing game.


----------



## Starman (Jun 7, 2006)

Haven't you been warned about signing up for pr0n with an ENWorld addy, PC?


----------



## Michael Morris (Jun 7, 2006)

That's not the reason.  This type of spam is known as comment spam.  The primary motive of the spammer is to get a link reference to be followed from here to their site so that Google is tricked into ranking their pages very high.  Unfortunately for them all the links created by the URL tag at ENWorld have the rel="nofollow" protocol, meaning the google spider knows to NOT follow the link - hence they are wasting their time. However since they've now defeated the human verify system they can program a bot to make the posts ad naseum until their banned.

You can see the spammer's motives in their own words here (warning - very crude language)

These bastards took away the USENET and Spammed it beyond usability in the late 90's. They're gonna try to do it again to forum software - but this time we have an edge. We control the medium of transfer.  I can and I will write the software necessary to thwart these attacks using a combination of blacklists and Bayesian filtering and other techniques.


----------



## Starman (Jun 8, 2006)

Spoony Bard said:
			
		

> That's not the reason.




I didn't really think it was. I just had a funny image of Piratecat googling pirate+cat+sex and then signing up for their weekly emails or something.


----------



## Piratecat (Jun 8, 2006)

Damn, you're cool.


----------



## kirinke (Jun 8, 2006)

Nimrodical spammers. Can't you do a trace and track em back to point of origin or something? You can report those idiots to someone, I forget who though. ^_^


----------



## James Heard (Jun 8, 2006)

I think that, having such a large number of gamers in the military, the options for proceeding should be quite clear.


----------



## Michael Morris (Jun 8, 2006)

Doesn't help kirinke. These guys switch ISP's on a WEEKLY basis and forge their id's in order to dodge ISP blacklists lodged against them.

80% of all spam on the net is the responsibility of around 200 individual spam operations believe it or not. Here's the list known as the ROKSO list.


----------



## kirinke (Jun 8, 2006)

Darnit.... In any case, you mods and programmer guys do a great job in keepin those spammers out. Tis a pity they are evil, inconsiderate jacksonballs. (Being grandma friendly here is tough sometimes....  )


----------



## Umbran (Jun 8, 2006)

Piratecat said:
			
		

> That emails everyone.




Um, not quite.  I'm not getting reported post e-mails. I suspect Rel isn't either, though you shoudl check with him to make sure.


----------



## Piratecat (Jun 8, 2006)

Is that not resolved yet? We'll figure out why.


----------



## Steverooo (Jun 8, 2006)

I saw a post like that, once,... right here, in Meta!  I knew EN's Granny wouldn't approve, so I reported it...  Next time I came in here, I looked around for it, but... it was nowhere to be found!  Methinks somebody "fixed" it, in Spayeds!


----------



## Starman (Jun 8, 2006)

Piratecat said:
			
		

> Damn, you're cool.




 Ah, Piratecat, you're making me blush.

I am going to sig that, though.


----------



## Piratecat (Jun 8, 2006)

Mind you, I was also referring to Michael's anti-spam mastery! Two compliments for dramatically different purposes, one stone. I am the master of efficient post writing. 

But - err - you may want to scrub your brain. Piratecat-porn is not something that _anyone_ should dwell on.


----------



## Knight Otu (Jun 8, 2006)

Piratecat said:
			
		

> But - err - you may want to scrub your brain. Piratecat-porn is not something that _anyone_ should dwell on.



Now he says that.  Came a bit too late.


----------



## Starman (Jun 8, 2006)

Piratecat said:
			
		

> Mind you, I was also referring to Michael's anti-spam mastery! Two compliments for dramatically different purposes, one stone. I am the master of efficient post writing.




Can anyone deny that you _are _the master?



> But - err - you may want to scrub your brain. Piratecat-porn is not something that _anyone_ should dwell on.




I'm not, uh....dwelling on that. Not at all. Nope. No way. <runs>


----------



## Darkness (Jun 10, 2006)

Piratecat said:
			
		

> Is that not resolved yet? We'll figure out why.



 Hm. Maybe add them to the moderator lists for the various forums?


----------



## Dark Star (Jun 10, 2006)

I get this weird thing that happens everytime I post.

*Warning:* eregi() [function.eregi]: REG_EMPTY in */includes/functions_spamkill.php* on line *26*

And it lists it 6 to 7 times. The post still works, however.

Anyone have a clue what this is? is is some sort of new script that kills invisible spamming?

Dark Star


----------



## William Ronald (Jun 10, 2006)

Spoony Bard said:
			
		

> That's not the reason.  This type of spam is known as comment spam.  The primary motive of the spammer is to get a link reference to be followed from here to their site so that Google is tricked into ranking their pages very high.  Unfortunately for them all the links created by the URL tag at ENWorld have the rel="nofollow" protocol, meaning the google spider knows to NOT follow the link - hence they are wasting their time. However since they've now defeated the human verify system they can program a bot to make the posts ad naseum until their banned.
> 
> You can see the spammer's motives in their own words here (warning - very crude language)
> 
> These bastards took away the USENET and Spammed it beyond usability in the late 90's. They're gonna try to do it again to forum software - but this time we have an edge. We control the medium of transfer.  I can and I will write the software necessary to thwart these attacks using a combination of blacklists and Bayesian filtering and other techniques.




We have had some more spam attacks this afternoon, so I reported them.  I would like to say first that the administrators and the moderators are doing a good job here at EN World.  (I have not been around as much as I would have liked of late, but that will change.)

Perhaps some of our members who have the appropriate skills can volunteer to help Spoony Bard out.


----------



## Starman (Jun 10, 2006)

William Ronald said:
			
		

> Perhaps some of our members who have the appropriate skills can volunteer to help Spoony Bard out.




As I recall there have been several board members who have volunteered to help with tasks. I'm not sure if anything came of it, though.


----------



## Dog Moon (Jun 12, 2006)

Steverooo said:
			
		

> I saw a post like that, once,... right here, in Meta!  I knew EN's Granny wouldn't approve, so I reported it...  Next time I came in here, I looked around for it, but... it was nowhere to be found!  Methinks somebody "fixed" it, in Spayeds!




Just saw one and reported it a couple of minutes.

It never ends, does it?  Just the other day I saw a Spambot spamming the ability for you to pay that company to spam.  I'm not sure ANYTHING can top that.


----------



## BOZ (Jun 14, 2006)

Dark Star said:
			
		

> I get this weird thing that happens everytime I post.
> 
> *Warning:* eregi() [function.eregi]: REG_EMPTY in */includes/functions_spamkill.php* on line *26*
> 
> ...




that's probably tied to your postcount, and/or your date of registration.  as one or both of those increases, i suspect the message will go away?


----------



## Quasqueton (Jun 14, 2006)

> ENWorld have the rel="nofollow" protocol



Porn linkage here has gotten so bad they have to code restrictions right into the software to keep Rel from following the links. Rel, my friend, seek a councelor. 

Quasqueton


----------

