banning entire countries

[Vince S]

Spam DOES exist without technology... And even then, you should not strike back with the same cause..

Oh and spam is defeatable for the most part WITHOUT banning country's..

Leaving the first line alone because I do not understand how it could be true, I was trying to earlier make the point that a lot of people walk away from forums, or are greatly impacted at a personal level, because there is no clear helpful way to go about it and, after all, this was the real problem in the first place.

So far we don't have an answer on the table that we plebs can pick up and use.........!

[Vince S]

Of course they cannot offer that, they can offer 50% but more or less not higher.

basis?

Edit: What they do offer is this:

Cost    Free    Accuracy    99.5%    

$50 initial, $12 per month of updates Accuracy    99.8%

[NanoSector]

Ever heard of anti-spam modifications? Maybe a good idea to use these..

EDIT: Eeh, my basis is this thread.., many people pointed that out...

[Arantor]

Neither you nor I are qualified to create the technology that will allow us to catch 90%+ of the spammers before they hit our boards

Uh-huh. That's why my site has had a grand total of 23 spam posts in months, from 2 different human spammers - because my site has a custom CAPTCHA that has two notable differences to any other CAPTCHA out there at the moment. Oh, and you should be aware that I was able to write a patch earlier this year to ward off the attacks that were happening on many SMF forums, a simple two line patch that nailed that particular attack dead in the water. Maybe I am a little more qualified to create such technologies, because I understand that I'm trying to solve a sociological problem with a technical solution which can only be partially effective, and temporarily so, at best.

So you ban countries. There's enough zombie machines out there which can bypass that.


Actually, you should probably do some homework before trying to lecture about how spam is technologically based. One of the major methods of getting around spam defences is not technologically based: it's paying people $1 to solve 1000 CAPTCHAs. Since the exchange rate makes that quite lucrative in some countries, no amount of technology is going to prevent you fighting that - because that's HUMANS solving CAPTCHAs. Like I said: it's not a technological problem. (By your analogy, having invented the telephone is the cause of telemarketers phoning you up. It's not: it's still a sociological problem that telemarketing works, not the medium that carries it.)

I don't think so as all that SEEMS to be happening is a refusal to engage on the logic, instead something else is going on.

Most of the people trying to explain why the logic fails have been running forums for years, and have likely already tried such an approach. I know I tried it about 4 years ago, and it started failing about 3 years ago on that particular community which is by definition international (I no longer have anything to do with it, though)

So, to put it plainly, why wouldn't we look at using easy to apply technology to get a BIG benefit for many easily and quickly with the only POSSIBLE downside being that those that chose to use it might slightly increase the demand on their servers?

Because it's not a slight demand on the majority of servers for the majority of users here. The majority of users here are running on lower end shared hosting, and most of them won't have the relevant PECL library installed. Maybe some of the hosts will install it, but it's unlikely, which means they're running the PEAR version. And loading all that code every single page load, which is not insignificant.

I also don't get why it wouldn't work on this site?

Because this site EXPLICITLY is multi-national. Look at how many languages SMF supports. You can't block all the countries and still provide international support! There's no country you could viably exclude on this site!

Remember we are just talking about an attempt to filter out human registrants not block forums with total bans

An increasing trend is for humans to sign up and pass through the early protections in order to get an account up to the capacity for spamming, especially in light of the above facts. Hardening the shell is one method but it's a bypassable method, and likely to be moreso as time goes on.

So far we don't have an answer on the table that we plebs can pick up and use.........!

You do, as I think this thread has said already. Stick a question in the registration, in SMF 2.0 it's a built in feature. Put some questions that only genuine users of your site are likely to know the answer to, which is even more effective than a technological block against some likely-to-be-obsolete-soon database. The spammers will not likely know the answer and move on because it's cheaper for them to do that to any one of the other sites out there, than it is for them to spend time researching the subject.

IOW, using a sociological solution to a sociological problem, not a technical one.

[Vince S]

Well thank you Once for engaging on the content. There is enough meat in there to say that, despite some of the peripheral aspects this shouldn't be picked up as a feature.

As I pointed out also we already have the ability to do country IP banning anyway. My particular method is a bit blunt but for my particular purposes works just fine and it is easy and quick to implement. A bit of time studying the free GeoIP database might allow me, or Galahad or others, to quickly refine the actual list of IPs that we entered manually, or use the GeoIP system as is. This however is a discussion under a general SMF thread where maybe this topic should go?

The separate section of "other benefits" may be worth more scrutiny, wanna turn the handle on that one or take it to a new thread?

[Arantor]

Your particular method solves your problem. That's it. The method I suggested works on just about any site (and with refinement can be made to work on any site you care to name), with no extra performance penalties, no extra databases that need to be maintained, no extra keeping an eye on anything, no extra dependencies that go out of date.

You can pursue your solution if you like, but honestly, you're solving the wrong problem, as regular readers of my blog would likely be able to tell you.

I fail to see what possible benefits there could be of excluding groups of users that could loosely be termed by country when you can exclude them sociologically and narrow the field to people you actually want.

You see, that's where your solution and mine differ. For your community, you can exclude all but a relatively narrow selection of people because it's a local community. But instead of creating a list and saying "I don't want anyone on this list to get in", which is by definition flawed, why not turn it around to "I want people meeting these criteria only". Any security researcher will tell you that a whitelist is by definition stronger than a blacklist all other things being equal because blacklists only keep out things you know to be bad and assume everything else is fine - you're assuming that anyone in your local geographic area is a potential candidate, which isn't really the field of your forum.

There is very little that a geographic based solution can actually do for you if you stop to look at what you're saying. Consider it also, your solution would rule me out from registering on your site to do any technical work for you - as a random example, just because I'm not in your geographic area.


I honestly don't think this is a solution worth pursuing, and it's not one I'm pursuing in the work I'm doing at present, though anti spam defences are very much something I am actively pursuing.

[butchs]

I too have been busy developing new anti-spam technology.  I do not believe that country ip banning and blacklist banning is worth while.  Both block users you may desire.  I prefer to block by the minute or hour.

I have been working on multiple extra honey pot methods upstream and downstream of my mods, some of which have never been used before.  They are designed to be Google safe and rather difficult for a bot to detect.  It has worked well on all my live tests.  I expect to release it soon.

I plan to release this new technology with SMF 2.0 Gold or until I grow impatient.  Whichever come first... 

[青山 素子]

The spammers will not likely know the answer and move on because it's cheaper for them to do that to any one of the other sites out there, than it is for them to spend time researching the subject.

IOW, using a sociological solution to a sociological problem, not a technical one.

It's more an economic solution to an economic problem. You've just made it more expensive for spammers to get in than any potential short-term gains before they are detected. Even if everyone else does this, you're still somewhat protected as you have raised the cost of their business considerably to where it's not economical.

There was quite a problem way back when fax machines were very popular. Junk faxes. These were popular because phone time was cheap compared to printing and postage. After all, the recipient bears the costs of the advertising rather than the advertiser. It took a law to go into effect with heavy fines and a few judgements against such junk fax senders before they became mostly a memory. The solution was economic - make the cost of spamming fax machines higher than the return from the few that use the offers.

I honestly don't think this is a solution worth pursuing, and it's not one I'm pursuing in the work I'm doing at present, though anti spam defences are very much something I am actively pursuing.

Agreed. It's a weak and easily-bypassed method.

As for the 99.5% accuracy, assuming an even distribution (it's not - heavily distributed areas like RIPE and APNIC will have more errors), you are still getting wrong info on 214 million IP addresses. It looks like a small percentage, but the raw number is very high.

[spamhelp]

As a noob here too but having been in the IT industry for 15+ years I too need help with this. I am being DAILY bombarded with literally a hundred spammers a day and I tried wildcards and banning providers. I am near the point of just taking my sit down.

Captchas don't work anymore, and doing member approvals is just too time consuming. I have 3 members who police our home and 2 admins including myself. Shoot my ban list is over 10 pages long now.

If ANYONE can help me I would be very appreciative. Please feel free to contact me.

[spamhelp]

I would like to be able to ban all signups from China, Bangladesh, and a couple of other countries.  It would be fantastic to have a routine that would check the IP location and just do it.  I don't have a single member from those countries and have multiple attempts daily from spammers.  Because it is remotely possible that a real person might want to join the boards it would be fantastic to have an exception routine so that if a real person were to send an e-mail to one of the moderators they could allow an exception.

======================================================================

YES,,, I need this too

[Kindred]

have you already added the other anti-spam features?

Stop Spammer
bad behavior+httpBL
plus human questions (a feature in 2.0)
If it's really bad, and you know what you are doing, you can add the forum firewall mod as well.

[spamhelp]

have you already added the other anti-spam features?

Stop Spammer
bad behavior+httpBL
plus human questions (a feature in 2.0)
If it's really bad, and you know what you are doing, you can add the forum firewall mod as well.

===================================================================================
It is horrible. At the end of every day I end up with approx 45 bot memberships that can't confirm their emails but the worst part is I have approx 25-30 actual posts every day to deal with.
I have around 20 pages of IPs and whatnots triggered. Bout the only thing that is any deterrent is my being logged in and them seeing my name in bright red. LOL
Where do I research those other products listed? I am very interested in any help I can get.
Thank you
Fred

[Kindred]

All of those are available on the mod site

[Gamerkingzonline]

egads, NO! !!!

if you submit country IPs to stopforumspam, the entire country will be marked as spam for everyone!
Stopforumspam, unfortunately, has no oversight on submitting IPs

That would be a good idea if you were a cyber terriorst lol
XD

[live627]

spamhelp, with those mods you probably could cut back on your ban list. Unconfirmed, but a speed increase might be felt by your members too.

[JMV290]

Is it possible to require e-mail (or admin) verification of users in certain IP ranges?

This way I can stop a lot of spammers (most of which are using Polish, Chinese, or Russian hostnames) from signing up with ease without having to enable email verification for everyone or preventing a rare legitimate user from those countries from registering (90%+ of my userbase is in the US or Canada with a few in the UK or Japan).

I think the only legitimate user that wasn't from one of those four local was from Nepal but I wouldn't want to prevent users from Poland, Russia, or China from registering if one ever did happen upon the forum.

[Vince S]

Is it possible to require e-mail (or admin) verification of users in certain IP ranges?

The standard rego is an "all or none" approach, so it is Admin approval of all, or none - email confirmation is a waste of time these days, maybe other than for error checking. As people point out here you are better to ask a couple of content interest q's (feature in SMF 2.0) than try other blunter methods. But I have been using a blunt "ban them registering but give them a way round it" approach for years, it works just fine for our very geo specific forum. See http://www.simplemachines.org/community/index.php?topic=433818.msg3058964#msg3058964 earlier in this thread. It is not for everyone, but any legitimate registrants get a message about how to get around the default ban if they want, and so far only two have asked which was about them having offshore based IP's due to their employment arrgts. So this is easy enough to do and works a treat, but looks a bit like peeing in a public swimming pool to some around here!

[galahad]

I too have been busy developing new anti-spam technology.  I do not believe that country ip banning and blacklist banning is worth while.  Both block users you may desire.  I prefer to block by the minute or hour.

I guess it's time to close this out.  So the current status is:

Over the past four months we have had 2,345 requests for membership from China.
Over the same past four months we have had ZERO non-spam memberships from China.

IF a VALID person wanted to register from China a quick e-mail to ANY moderator would suffice.

But since the request to ban entire countries is a "waste of time" and "not a good idea" and otherwise inappropriate to SMF we'll just keep spending half an hour a day handling the problem.  And we're not going to mess with Non-SMF solutions because we are not qualified.

If the Admins or Moderators would like to lock this topic please feel free.  Clearly no simple solution is going to be forthcoming.

[Kindred]

I will note that there are plenty of mod solutions to avoid and prevent spam....

Adding country-wide bans as a FEATURE doesn't make sense - especially since your situation is very specific to your forum and not to the majority of world-wide forums.

As for banning countries. You can always add the country IP octet to your htaccess.

[青山 素子]

By the way, good luck working on country bans once IPv6 becomes widespread. The address space will be even more spread out and you'll wind up banning other countries you want. It's basically the same issue as you have today concerning banning countries, but worse. IP addresses don't know geographic boundaries.

This might be a bad thing for SMF to provide as a core feature, but anyone is welcome to make a modification that does this. That's the beauty of SMF.