Page 2 of 2

Posted: Sun Mar 11, 2007 1:24 pm
by Tony McC
Most of what has been recommended by the newly revealed enigmaenigmna is already in place. The existing softwware doesn't allow html; flood control is in place; we now have a group of moderators, and I'm aware that 80% of the spamtwats originate from a particular email domain.

However, the current software has a bug that doesn't allow the supposed email domain blocking option to function properly, which is why I've been playing about behind the scenes with two new Brew Cabins: the first would be an updated version of the current system, with allegedly improved security, while the second is a whole new system that is similar to software I run on another (much, much smaller) website for my village.

The new "Ikonboard" software is very attractive as it's familiar to existing members and needs minimal new graphics work. However, Ikonboard has had "ownership issues" over the past couple of years and I'm not certain how well supported it might be in the future. The alternative, a php system, is robust, supported by an Open Licence and a very loyal userbase, but means starting from scratch with new graphics, a new database, and several evenings of effing about with uncooperative servers.

I don't have as much free time as I once had, so I may opt for the upgraded Ikonboard as a short-term fix and then develop the php board over the coming months....or I might just commit meself to a few very, very late nights and get the php option finished.

Watch this space, as they say.

Posted: Sun Mar 11, 2007 1:34 pm
by Stuarty
If you ever need help with a PHP built board give me a shout, ive been developing php applications for a few years now, aswell as modifying other PHP apps including forum software

Posted: Sun Mar 11, 2007 8:03 pm
by enigmaenigma
Good luck with any board software changeover I know what a nightmare they can be in the terms of headaches and hassles

And sorry if I was treading over old ground, it was just the annoyance at seeing a great resource getting hassle and headaches at the hands of arseholes


Should you do it then along with any formatting errors in existing posts, due to differences in the BB code, you may also want to set up a G-mail type account for assisting members who have problems requesting a password reset and getting access to your new board

In as far as security goes they all have their weaknesses or vulnerabilities and to be honest I think that these idiots that go round creating havoc with dubious scripts share around the latest conquest or target – so in some respects and regardless of what you do in regards software etc it’s just as much a game of chance and not ticking all the boxes for their latest mischief requirements


In regards the spammers and what I saw last night, with an account creating a spam post and the appearance of another new account that had a name that looked as though it was designed for spam, I can’t help but think that it is being done manually as opposed to automated – although a Google of the initial spam poster that I reported showed that they were very active at pasting rubbish across the internet and it doesn’t seem feasible to go to that much effort manually


In some ways it probably would be better if it was automated and always linking to specific sites, as opposed to being manual and the sites being changeable at a whim – because if you do transfer to a board software which gives you greater control then if it has a swear filter modification then you might be able to classify the URL or part of it as inappropriate and block it from being posted

Or should the board have a moderator preview mode see if it can be set so new members first X number of posts need to be approved before they are made visible to all, at least then the only person seeing the spam would be the spam account and you could clean it away with as little fuss as possible

Good luck with it all – it’s just a shame they haven’t invited a means of giving a virtual punch round the head, because it would be ideal for solving stuff like this in an instance

Posted: Mon Mar 12, 2007 9:58 am
by Tony McC
As far as I can ascertain, the spam is being posted manually, as the registering email addresses and the IPs are different. Most of the trouble comes from mail.ru addresses and another source tells me that students and ne'er-do-wells from that benighted country are offered a small financial reward for their efforts.

One enterprising soulski offered to stop all the spam in return for a sizable payment to his PayPal account, but I'm not that stupid - you pay once and they'll be back for more!

It's strange that they target just one of the seven available forums, the one with the most pre-existing posts. I have a theory that they select forums with 1,000+ posts, which would, I assume, indicate a reasonable level of traffic for their dirty deeds.

Worryingly, only about 1 in 5 of the potential spammers that take the trouble to register actually have the staying power to post a message. I look through the names of new members and it's usually fairly obvious which of them are intent on entertaining us with some drivel, but then they never post a single word! Rightly or wrongly, I now put a block on anyone with a mail.ru email address. It's just too much of a coincidence that so much of the spam emanates from these addresses. Second place in the spam league is probably cashette.com, closely followed by inmail.

Some clown using the name "Bush" floods one of the forms on the main website with requests for links to an assortment of dodgy sites, and I suspect he/she/it is using a script because the format is the same each time. The only thing I've not been able to fathom out is just why that one particular form is targetted while the others, and there's quite a few of them, are left well alone.

I'm sure you're right that they'll always find a way to pursue their hobby, but I reckon the pretty good policing we have in place now is as good as we can get. If they are paid by results, then they must, eventually, realise the Brew Cabin is barren ground for their activities.

Posted: Mon Mar 12, 2007 10:39 pm
by enigmaenigma
I kept on running hot n cold over whether it was manual or not

The account that appeared and was named for the occasssion but failed to post made me think manual, but then the formatting and working links in the other spam post made me wonder

Because I had a play around previewing a response into that spam thread to see if there was a quick method of replicating it, because if you followed the links it seemed to be a copy n paste job of the site at the other end

But as the site here doesn’t use that [insert your preferred swear word] WYSWIG text editor, which can copy a site or page warts and all including working links, I couldn’t understand how they were getting the posts the way they were or to be precise I couldn’t see them taking the time to code every link - plus the presence of the disabled / defunct HTML code showed that there was some element of copy n paste that even made me look at the page source of the spam link


One enterprising soulski offered to stop all the spam in return for a sizable payment to his PayPal account, but I'm not that stupid - you pay once and they'll be back for more!


Aye, either virtual extortion or online charlatan


I'm sure you're right that they'll always find a way to pursue their hobby, but I reckon the pretty good policing we have in place now is as good as we can get. If they are paid by results, then they must, eventually, realise the Brew Cabin is barren ground for their activities.


I didn’t mean to sound negative in my last post or defeatist and hope it don’t come across that way, I should have used a real life example instead – a bit like when a building site becomes an adventure playground for the local scum and it takes some time & effort to rid it of the problem

Personally I just don’t understand or to be precise the reason behind it, as it seems impossible for it to either fund itself or actually work at getting traffic - because even with price per impression advertising on the sites that the spam directing to it just doesn’t add up and to be honest I’m always left with the idea that its just online vandalism ~ I could waffle on about how this sort of stuff will eventually and ultimately erode the great freedom that the internet provides and the average Joe user will loose out, but that would be straying to far off topic :p

Posted: Tue Mar 13, 2007 6:57 am
by Tony McC
I wonder if there is anyone stupid enough to take up any of these ridculous offers? I suppose there must be: after all, there's barely a week goes past without me getting a call about some block paving that was allegedly left over from a big motorway job!

Posted: Fri Mar 16, 2007 12:26 pm
by mouldmaker
Sadly yes.

A survey last year suggested that over 40% of british internet users had, or would consider, buying a product via spam.

The only way to stop the spammers is to find these 40% and slam their fingers in doors hard enough to stop them using a keyboard.