Skip to main content

Comment Spam >:(

  • In my first and previous post in this game dev log entry, I had written that I wanted to do a game which was a collection of simple retro games. Unity released a new major release (2019.3) while I was putting the initial project together, and I…

  • Well, I'm making a game . I'm spending the next few weeks on making a small game to showcase the gamedev log feature on tsumea where any member can create a game entry and other members can post journal posts with art, music or just development…

  • Just a test #2. Still working on the new section.

  • So, I got a Commodore 64 when I was in the 4th grade. It came bundled with a Rolf Harris picture building program on casette tape which never loaded properly but from what I could tell by its box cover, you could build pictures from a selection…

  • Yes, the site looks very different and I've had to prematurely switch to this new theme that I'm working on for a few reasons, the main one is that changing certain aspects of the site to fit the new theme will affect how the old one looks for…

  • (this is just a test, please ignore this entry)

    Here is some of my old work.. the first pic is of a 3d model of a human head I was working on about 2 years ago in 3dsmax, using nurbs. If I had to do it again, I wouldn't model a head with…

I currently work for

Submitted by souri on
Forum

Bah.. there is someone, right this very moment, posting a tonne of casino spam in the news comments. I've had to go through and delete 20 or so of his posts already, be he keeps on posting new ones. If he had half a brain, he'd see that the anchor tags in links posted in user comments have the rel=nofollow attribute, so all the effort he is putting in to increase his website search rankings isn't going to work. >:(

If you see any obvious link spamming in the comments, please do click the "comment abuse" button..

Submitted by souri on Wed, 11/05/05 - 1:18 AMPermalink

He's still posting them, so I'm parsing his domain with some other crap. [url="http://www.sumea.com.au/snews.asp?news=158"]You can see it here[/url]. Maybe he'll get the hint.

Bah.. it's still coming. It's most likely automated. :/ I'll write something so that it catches spam before it gets written into comments, but I'll have to do it later because I'm heading off now. >:(

Submitted by souri on Thu, 12/05/05 - 12:41 AMPermalink

Got home late last night, spent till 5am cleaning up all the comments from spam and putting in some measures that stopped the casino spam, wake up today and find a tonne more spam pimping a new site.

>:(

You know, I may have to implement users to authenticate themselves before they post. :/.. Or confirming letters from a graphic or something stupid like that.

Submitted by mcdrewski on Thu, 12/05/05 - 3:05 AMPermalink

"Name the russian game in which blocks have to be rotated into place"

"Name the game that was used for the Machanima series, Red vs. Blue"

"Which game to the letters 'IDDQD' and 'IDKFA' help you out in?"

:)

Submitted by Daemin on Thu, 12/05/05 - 7:49 PMPermalink

You mean you don't have it that users need to authenticate themselves before they post? Bah Souri, that should've been like the first thing. It means that the spammers have to register on your site first and then they can post their spam... That would also make it easier to control as you could just delete their accounts etc.

Submitted by redwyre on Fri, 13/05/05 - 9:35 AMPermalink

Can you link the forum users with the news comments?
And btw, you should have at least added the ip filtering. Told you so! :P

Submitted by souri on Fri, 13/05/05 - 12:23 PMPermalink

I added IP filtering that morning, but that spammer had a different IP for every spam he posted, so it was useless. Anyway, what I've put in since has stopped them completely, so all I'm not sure if it's worth putting forum logins (I actually did that about four years ago but removed it) and other authentication. Unless of course it gets really out of hand with trolls.

Submitted by Daemin on Fri, 13/05/05 - 8:03 PMPermalink

Can't you link it to the forums' members list Souri? So that you have to be a forum member to post there?

Submitted by souri on Sat, 14/05/05 - 12:47 AMPermalink

Yeh, I've already been able to do that in the past. I've just found another 10 or so spam posts today to a different domain, so I'm assuming this spammer is just gonna keep doing this, and I really can't be screwed spending 10 minutes every day just to clean things up / block the new domain, so I'll have to make it require logging into the forum first. I'll also have an option for anonymous cowards to post somehow.

Submitted by redwyre on Sat, 14/05/05 - 1:56 AMPermalink

I would like having authentication... otherwise anyone could just type your name in and post...

Submitted by souri on Wed, 18/05/05 - 5:02 PMPermalink

I just had a thought, perhaps the comments should be linked to Sumea profile members instead, rather than the forum. So, you'd log in on the main page with your Sumea profile account, then you'll be able to post comments on the rest of the site (news, votes, articles, other members' gallery pictures). The reason for this is that I can do extra things for your journals like listing your recent comments etc. Kinda like what all other blog services do.

An upside of this would be that it's easier for me to impliment (I don't have to go and figure out how the forum handles users/cookies etc) and it'll be more secure using server sessions.

Submitted by mcdrewski on Wed, 18/05/05 - 6:58 PMPermalink

sounds good to me, with the only downside being that profiles need to be manually authorised by you.

Submitted by souri on Wed, 18/05/05 - 8:52 PMPermalink

People will still be able to post anonymously as usual. I just have to figure out some simple procedure for them which will also stop automated spamming bots.

Submitted by souri on Thu, 09/06/05 - 5:32 PMPermalink

Just an update on the spam situation. The site is getting over a thousand attempts a week to post spam in the comments areas, but they've been stopped dead in their tracks by a basic keyword filter. If any do get through, they're *easily* removed, so it's no problem.

I did a search on google on the spam they've been posting on Sumea, and these guys have been clogging and destroying blogs and comments areas on tonnes of websites all over the net.

Sumea = 1, Spammers = 0 [:D]

Submitted by mcdrewski on Thu, 09/06/05 - 7:45 PMPermalink

you mean that if I have a game about a casino in which people gamble for viagra with their pre-approved home loans, I can't post news comments any more? Darn :)

well done and kudos :)

Submitted by MoonUnit on Fri, 10/06/05 - 1:44 AMPermalink

lol mcdrewski, and i was looking forward to that game too...
good to hear souri :)

Submitted by souri on Thu, 01/09/05 - 2:43 AMPermalink

Boring updates on spam situation. Did a bit of searching and it looks like Sumea is just another on the list that's on the neverending attack from a notorious comment spammer called [url="http://www.geeklog.net/article.php/meet-the-bulgarians"]The Bulgarian[/url].

On top of that, there's also a barrage of referer spam too. In the thousands, per month. And unfortunately there's not much I can do against that on an NT server, but it's wasting server resources. I blame the log software for this because it's available to the public without even as much as a login required. So the spammers hit the site with referer spam so that the logs show their website, in which Google and other search engines pick up for page rankings. The solution is to stop the logs from updating and wait until all the old logs clear out, which will take half a year. This won't make them stop doing it though.

And now I've found that some spammers been trying to use email injection with Sumea's contact form to send out their spam. None of them have gotten through though (I've been getting tonnes of failed attempt reports) and I've made that a bit more secure.

Submitted by mcdrewski on Thu, 01/09/05 - 2:50 AMPermalink

There's only one answer - rampant vigelantism and total anarchy. [:P]

You can easily exclude the referrer logs from being indexed by any responsible search engine by using the [url="http://www.robotstxt.org/"]robots.txt[/url] exclusion. That might help a bit.

Submitted by souri on Thu, 01/09/05 - 11:45 PMPermalink

Ok, now I've been getting a tonne of bounced emails from forum registrations. You need a legit email address to finalise your forum registration, and all these new registrations are bouncing. Spammers are using some script to register usernames with a common pattern (name + numeric number). Unfortunately they're not smart enough with the legit email part.

So yeh, add that to another way spammers are trying to spam Sumea. [:(]

I can't edit the logs page. [:(]

Submitted by mcdrewski on Fri, 02/09/05 - 3:00 AMPermalink

quote:

...Spammers are using some script to register usernames with a common pattern (name + numeric number)

b*stards. i wonder what using non-numeric number would look like though. [:)]

quote:
I can't edit the logs page. [:(]

...but your webhost should if you request it! there's no good reason to let robots browse it AFAIK.

Is there anything we can do to assist? Take on email filtering roles or something? Are you looking for an army of ninja robots or special ops gerbils that we can provide?

Submitted by souri on Tue, 06/09/05 - 3:27 AMPermalink

Probably the only way to resolve things would be to relocate to take another domain name and wait to get attacked again. Not really anything else I can do. All these spam attempts are really another kind of DOS attack, to be honest. It's funny, when I reset the server (which resets the recorded number of Sumeans online), it only takes a few minutes to see that number fly back up to over 4-500. I think that tells you about how many bots and scripts are hitting the site. Some are legitmate, of course, but I'm betting that most aren't.

Submitted by souri on Mon, 16/01/06 - 1:38 PMPermalink

Ok, comment spam is still slipping through, and I've pretty much have had enough of it.

So from now on you can't post links in the comment areas on Sumea. If it's got the hallmarks of a link, then it'll get rejected. Later, I'll make it so that only profile members who've logged in can only post links if they really need to, but hopefully this will be the end of it.

Submitted by CynicalFan on Mon, 16/01/06 - 11:11 PMPermalink

You know if there is a hell, I hope they have a special place just reserved for spammers [;)].

Almost makes me want to become a Christian just so that I can believe in it.

Submitted by souri on Thu, 19/01/06 - 7:24 AMPermalink

They're just so bloody annoying. It isn't just the website related spam that's getting to me, email spam is slipping through as well. The current trend, which gets past Thunderbird's filters, is these empty email spams with images. I'm getting a tonne of them.

Submitted by souri on Thu, 27/04/06 - 4:18 PMPermalink

Another update on the endless spam problems on Sumea which doesn't really affect anyone but me.

Comment spam is pretty much no more. Used to get hundreds a day, but I haven't spotted any in months. If you have a comment spam problem, just remove the ability to post links, and that should be the end of it.

Bounced emails from forum registrations is no more - I think the spammers gave up on that one.

The current problem now is spammers forging the from/reply-to headers in the email to make it look like it's from a sumea email address. They'll send it to a huge variety of email addresses, and if it bounces, it gets bounced to a random sumea email address. It's a bit clever, in that when they send spam, it can potentially go to twice the number of recipients. The problem here is that the only person it can go to is me, so once the spammers realise this, hopefully they'll stop and move on. Getting tired of checking my email and receiving a tonne of these emails, *all with attached images*...

Submitted by souri on Wed, 28/06/06 - 5:53 PMPermalink

Ok, comment spamming is back. And it's probably the worst kind of comment spam, because it's impossible to prevent. They're spamming the comment areas (mainly member's profile comments and news items at the moment) with jibberish, which you can't really filter. No description of their dodgy product or service, just a bunch of random letters or words. You can see an [url="http://www.sumea.com.au/sprofile.asp?member=139&id=139&mode=comments"]example here[/url]. Yeh, it's all pretty pointless, and I have no idea why spammers would make their scripts do this, other than to waste someone else's time and resources cleaning all the mess up.

Once I finish working on updating the backend to remove spam better, it shouldn't be as much of a problem anymore.

Submitted by J I Styles on Wed, 28/06/06 - 7:34 PMPermalink

Maybe we need to do email auth on it... so the old mail out with activation link?

I also deleted a job post in the jobs area which was a financing company of some sort -- googled and came up with it spammed on boards all over the web :/

Submitted by souri on Wed, 28/06/06 - 7:57 PMPermalink

What was their username so I can lock it.

Submitted by souri on Thu, 29/06/06 - 6:45 PMPermalink

Ok, he's locked.

I've finished the backend stuff, and gone through and removed all the spam from members and news this morning. Removing spam is easy, but when there are hundreds of them that you have to mark as spam then click the selected comments to remove etc, it gets pretty darn tedious.

So when I removed them all (which took a while), I had a look in Sumea Comments just to recheck things, and found that the damn spammer made another hundred posts while I was busy. Yeh, it's getting highly annoying.

If you ever see spam, click on the comment abuse button. That'll at least get rid of half the job for me.

Posted by souri on
Forum

Bah.. there is someone, right this very moment, posting a tonne of casino spam in the news comments. I've had to go through and delete 20 or so of his posts already, be he keeps on posting new ones. If he had half a brain, he'd see that the anchor tags in links posted in user comments have the rel=nofollow attribute, so all the effort he is putting in to increase his website search rankings isn't going to work. >:(

If you see any obvious link spamming in the comments, please do click the "comment abuse" button..


Submitted by souri on Wed, 11/05/05 - 1:18 AMPermalink

He's still posting them, so I'm parsing his domain with some other crap. [url="http://www.sumea.com.au/snews.asp?news=158"]You can see it here[/url]. Maybe he'll get the hint.

Bah.. it's still coming. It's most likely automated. :/ I'll write something so that it catches spam before it gets written into comments, but I'll have to do it later because I'm heading off now. >:(

Submitted by souri on Thu, 12/05/05 - 12:41 AMPermalink

Got home late last night, spent till 5am cleaning up all the comments from spam and putting in some measures that stopped the casino spam, wake up today and find a tonne more spam pimping a new site.

>:(

You know, I may have to implement users to authenticate themselves before they post. :/.. Or confirming letters from a graphic or something stupid like that.

Submitted by mcdrewski on Thu, 12/05/05 - 3:05 AMPermalink

"Name the russian game in which blocks have to be rotated into place"

"Name the game that was used for the Machanima series, Red vs. Blue"

"Which game to the letters 'IDDQD' and 'IDKFA' help you out in?"

:)

Submitted by Daemin on Thu, 12/05/05 - 7:49 PMPermalink

You mean you don't have it that users need to authenticate themselves before they post? Bah Souri, that should've been like the first thing. It means that the spammers have to register on your site first and then they can post their spam... That would also make it easier to control as you could just delete their accounts etc.

Submitted by redwyre on Fri, 13/05/05 - 9:35 AMPermalink

Can you link the forum users with the news comments?
And btw, you should have at least added the ip filtering. Told you so! :P

Submitted by souri on Fri, 13/05/05 - 12:23 PMPermalink

I added IP filtering that morning, but that spammer had a different IP for every spam he posted, so it was useless. Anyway, what I've put in since has stopped them completely, so all I'm not sure if it's worth putting forum logins (I actually did that about four years ago but removed it) and other authentication. Unless of course it gets really out of hand with trolls.

Submitted by Daemin on Fri, 13/05/05 - 8:03 PMPermalink

Can't you link it to the forums' members list Souri? So that you have to be a forum member to post there?

Submitted by souri on Sat, 14/05/05 - 12:47 AMPermalink

Yeh, I've already been able to do that in the past. I've just found another 10 or so spam posts today to a different domain, so I'm assuming this spammer is just gonna keep doing this, and I really can't be screwed spending 10 minutes every day just to clean things up / block the new domain, so I'll have to make it require logging into the forum first. I'll also have an option for anonymous cowards to post somehow.

Submitted by redwyre on Sat, 14/05/05 - 1:56 AMPermalink

I would like having authentication... otherwise anyone could just type your name in and post...

Submitted by souri on Wed, 18/05/05 - 5:02 PMPermalink

I just had a thought, perhaps the comments should be linked to Sumea profile members instead, rather than the forum. So, you'd log in on the main page with your Sumea profile account, then you'll be able to post comments on the rest of the site (news, votes, articles, other members' gallery pictures). The reason for this is that I can do extra things for your journals like listing your recent comments etc. Kinda like what all other blog services do.

An upside of this would be that it's easier for me to impliment (I don't have to go and figure out how the forum handles users/cookies etc) and it'll be more secure using server sessions.

Submitted by mcdrewski on Wed, 18/05/05 - 6:58 PMPermalink

sounds good to me, with the only downside being that profiles need to be manually authorised by you.

Submitted by souri on Wed, 18/05/05 - 8:52 PMPermalink

People will still be able to post anonymously as usual. I just have to figure out some simple procedure for them which will also stop automated spamming bots.

Submitted by souri on Thu, 09/06/05 - 5:32 PMPermalink

Just an update on the spam situation. The site is getting over a thousand attempts a week to post spam in the comments areas, but they've been stopped dead in their tracks by a basic keyword filter. If any do get through, they're *easily* removed, so it's no problem.

I did a search on google on the spam they've been posting on Sumea, and these guys have been clogging and destroying blogs and comments areas on tonnes of websites all over the net.

Sumea = 1, Spammers = 0 [:D]

Submitted by mcdrewski on Thu, 09/06/05 - 7:45 PMPermalink

you mean that if I have a game about a casino in which people gamble for viagra with their pre-approved home loans, I can't post news comments any more? Darn :)

well done and kudos :)

Submitted by MoonUnit on Fri, 10/06/05 - 1:44 AMPermalink

lol mcdrewski, and i was looking forward to that game too...
good to hear souri :)

Submitted by souri on Thu, 01/09/05 - 2:43 AMPermalink

Boring updates on spam situation. Did a bit of searching and it looks like Sumea is just another on the list that's on the neverending attack from a notorious comment spammer called [url="http://www.geeklog.net/article.php/meet-the-bulgarians"]The Bulgarian[/url].

On top of that, there's also a barrage of referer spam too. In the thousands, per month. And unfortunately there's not much I can do against that on an NT server, but it's wasting server resources. I blame the log software for this because it's available to the public without even as much as a login required. So the spammers hit the site with referer spam so that the logs show their website, in which Google and other search engines pick up for page rankings. The solution is to stop the logs from updating and wait until all the old logs clear out, which will take half a year. This won't make them stop doing it though.

And now I've found that some spammers been trying to use email injection with Sumea's contact form to send out their spam. None of them have gotten through though (I've been getting tonnes of failed attempt reports) and I've made that a bit more secure.

Submitted by mcdrewski on Thu, 01/09/05 - 2:50 AMPermalink

There's only one answer - rampant vigelantism and total anarchy. [:P]

You can easily exclude the referrer logs from being indexed by any responsible search engine by using the [url="http://www.robotstxt.org/"]robots.txt[/url] exclusion. That might help a bit.

Submitted by souri on Thu, 01/09/05 - 11:45 PMPermalink

Ok, now I've been getting a tonne of bounced emails from forum registrations. You need a legit email address to finalise your forum registration, and all these new registrations are bouncing. Spammers are using some script to register usernames with a common pattern (name + numeric number). Unfortunately they're not smart enough with the legit email part.

So yeh, add that to another way spammers are trying to spam Sumea. [:(]

I can't edit the logs page. [:(]

Submitted by mcdrewski on Fri, 02/09/05 - 3:00 AMPermalink

quote:

...Spammers are using some script to register usernames with a common pattern (name + numeric number)

b*stards. i wonder what using non-numeric number would look like though. [:)]

quote:
I can't edit the logs page. [:(]

...but your webhost should if you request it! there's no good reason to let robots browse it AFAIK.

Is there anything we can do to assist? Take on email filtering roles or something? Are you looking for an army of ninja robots or special ops gerbils that we can provide?

Submitted by souri on Tue, 06/09/05 - 3:27 AMPermalink

Probably the only way to resolve things would be to relocate to take another domain name and wait to get attacked again. Not really anything else I can do. All these spam attempts are really another kind of DOS attack, to be honest. It's funny, when I reset the server (which resets the recorded number of Sumeans online), it only takes a few minutes to see that number fly back up to over 4-500. I think that tells you about how many bots and scripts are hitting the site. Some are legitmate, of course, but I'm betting that most aren't.

Submitted by souri on Mon, 16/01/06 - 1:38 PMPermalink

Ok, comment spam is still slipping through, and I've pretty much have had enough of it.

So from now on you can't post links in the comment areas on Sumea. If it's got the hallmarks of a link, then it'll get rejected. Later, I'll make it so that only profile members who've logged in can only post links if they really need to, but hopefully this will be the end of it.

Submitted by CynicalFan on Mon, 16/01/06 - 11:11 PMPermalink

You know if there is a hell, I hope they have a special place just reserved for spammers [;)].

Almost makes me want to become a Christian just so that I can believe in it.

Submitted by souri on Thu, 19/01/06 - 7:24 AMPermalink

They're just so bloody annoying. It isn't just the website related spam that's getting to me, email spam is slipping through as well. The current trend, which gets past Thunderbird's filters, is these empty email spams with images. I'm getting a tonne of them.

Submitted by souri on Thu, 27/04/06 - 4:18 PMPermalink

Another update on the endless spam problems on Sumea which doesn't really affect anyone but me.

Comment spam is pretty much no more. Used to get hundreds a day, but I haven't spotted any in months. If you have a comment spam problem, just remove the ability to post links, and that should be the end of it.

Bounced emails from forum registrations is no more - I think the spammers gave up on that one.

The current problem now is spammers forging the from/reply-to headers in the email to make it look like it's from a sumea email address. They'll send it to a huge variety of email addresses, and if it bounces, it gets bounced to a random sumea email address. It's a bit clever, in that when they send spam, it can potentially go to twice the number of recipients. The problem here is that the only person it can go to is me, so once the spammers realise this, hopefully they'll stop and move on. Getting tired of checking my email and receiving a tonne of these emails, *all with attached images*...

Submitted by souri on Wed, 28/06/06 - 5:53 PMPermalink

Ok, comment spamming is back. And it's probably the worst kind of comment spam, because it's impossible to prevent. They're spamming the comment areas (mainly member's profile comments and news items at the moment) with jibberish, which you can't really filter. No description of their dodgy product or service, just a bunch of random letters or words. You can see an [url="http://www.sumea.com.au/sprofile.asp?member=139&id=139&mode=comments"]example here[/url]. Yeh, it's all pretty pointless, and I have no idea why spammers would make their scripts do this, other than to waste someone else's time and resources cleaning all the mess up.

Once I finish working on updating the backend to remove spam better, it shouldn't be as much of a problem anymore.

Submitted by J I Styles on Wed, 28/06/06 - 7:34 PMPermalink

Maybe we need to do email auth on it... so the old mail out with activation link?

I also deleted a job post in the jobs area which was a financing company of some sort -- googled and came up with it spammed on boards all over the web :/

Submitted by souri on Wed, 28/06/06 - 7:57 PMPermalink

What was their username so I can lock it.

Submitted by souri on Thu, 29/06/06 - 6:45 PMPermalink

Ok, he's locked.

I've finished the backend stuff, and gone through and removed all the spam from members and news this morning. Removing spam is easy, but when there are hundreds of them that you have to mark as spam then click the selected comments to remove etc, it gets pretty darn tedious.

So when I removed them all (which took a while), I had a look in Sumea Comments just to recheck things, and found that the damn spammer made another hundred posts while I was busy. Yeh, it's getting highly annoying.

If you ever see spam, click on the comment abuse button. That'll at least get rid of half the job for me.