Journal MysteriousPreacher's Journal: Spammers and guestbooks 18
Since posting a guest-book on my site, it's been hammered by spammers. Here's my guest-book if you're interested in seeing what's happening.
I've modified my script now so that they can't spam me anymore. I left the examples there because I'm in the process of complaining to their hosting company to hopefully get this spamming stopped.
If you've had guest-book or forum spamming like this, I would strongly urge you to mail the hosting company. Generally, for the Baikal and Umax stuff, it seems to be Everyone's Internet. I'm not saying here that the owner of these sites is spamming but it seems odd that the spam is being referred by the owners sites and is advertising his sites.
At this point, it's hard to say whether the hosting company will help. I've emailed them and had some replies but nothing concrete yet.
I've tried to contact the various sites via the Contact links they have but they are all broken. The web sites being linked are generally very low-quality. Most of the links are dead. Here's an example Baikal Guide. Don't worry, this doesn't have porn or anything on it, just a lot of very bad html.
So far in 3 days, I've had around 100 spam attempts on my guest-book, all thwarted by the protection I put in place. It's crude but at least it stops the Umax adverts.
Registration (Score:2)
It has come to pass that the only way we can avoid these freaks is constant vigilance and registration coupled with banning hosts and threats of violence(my personal faviourit j/k).
an old site i used to help admin had a ban list that was absoloutly massive , we ended up having to convert it to C to speed it up(joke).They just keep hamering away even though you make it perfectly clear they are not welcome
Good luck with getting them in crap from the ho
Re:Registration (Score:2)
Re:Registration (Score:2)
Excuse the state of the guestbook. It's hidden from my normal site users, it's just there as a honeypot really. I'm hoping that if I drown the hosting company in evidence, they'll listen.
Yeah, the banlist approach is a pain. So far, I get away with just having to check for the word 'Umax' since that's the place the spammers keep advertising. It doesn't really affect performance yet.
I really hope the host do something. I h
Re:Registration (Score:2)
http://dimattic.com/auto.pl [dimattic.com]
It looks like a script to auto-populate guestbooks to me but I'm not to hot with this kind of thing.
I think
Re:Registration (Score:2)
Hm having a look at it , it apears that this is after server parsing(its converted to html and javascript so this is the end result) so im unable to tell how it does what it does really , my javascript is not great(read
It apears to be some sort of random populater
Re:Registration (Score:2)
I'm not sure how the system works but the spammers seem to change their IPs and email addresses each time - I think both are being spoofed or they are coming from zombies. The only constant would be the site they are linking to and the referrer.
Mind you, the comments, as you probably noticed, tend to be very similar. Things like
"You good site, much good, mail me"
One good things that comes out
Re:Registration (Score:2)
Perhaps dissalow Http , www ,
Basicaly block any open spam urls , as it does not really matter if it goes to the website bit
Sad but true , i do belive they probably are zombie nets
Well help you glad i could , Hm training yours ready is not young jedi
Re:Registration (Score:2)
I just need to find a PHP script that will cause spammers to combust and then the problem will definitely be solved.
Re:Registration (Score:2)
Re:Registration (Score:2)
As you suspected, the link is an autopopulator...
It appears to contain a database of known, easy-to-populate guestbooks/bulletinboards (I saw some phpbb references in some of the scripts)...
Then it generates two submission forms, and two 1 pixel by 1 pixel iframes, and creates a couple of guestbook entries in the submission forms...
The javascript submits the forms, and the results are displayed in those tiny iframes...
My guess from the name of the iframes ("_msn_bot") and the way the thing is s
Re:Registration (Score:2)
Just to confirm something though. So, would this script be triggered by people visiting it with particular browsers?
Normally I use Firefox and just see the code. I just visited it with IE (on Mac OS X), and it actually loaded some kind of form with some auto-submission thing going on.
Would the idea behind this to be trick people in to visiting the page and so spamming guestbooks and forums?
With the info you've given me, I feel a lot more
Re:Registration (Score:2)
Normally I use Firefox and just see the code. I just visited it with IE (on Mac OS X), and it actually loaded some kind of form with some auto-submission thing going on.
Yes... the script makes no effort to determine the browser, or anything else as far as I can tell... However, users of IE will get the page rendered because IE ignores the servers instruction to treat the page as text/plain, and instead renders it as text/
Re:Registration (Score:2)
Thanks again, this really clears things up for me.
BTW. Not sure when or why I marked you as a friend. To be honest, I was about to mark you as a friend when you posted the first reply here but noticed I had already marked you.
I normally mark people as a friend if I had a good discussion with them or if I see some good posts. You must have posted something I liked a while back. For the life of me though
Re:Registration (Score:2)
Woz, Others Ask Apple To Go Easy On Tiger Leak [slashdot.org]
I strongly believe this as
Re:Registration (Score:2)
Re:Registration (Score:2)
Re:on the issue of spam... (Score:2)
Sorry to hear about your story PDC, must have been difficult for you.