incubator-ooo-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Hagar Delest <>
Subject Re: Response to spam on the user forum
Date Mon, 23 Apr 2012 19:35:18 GMT
Just some figures:
There was more than 1800 spam posts Sunday evening (few online mods this day - like me - I
The top posters had about 135 posts then 70 (single accounts). IP seems to be in Bangladesh.
Almost 200 accounts have been banned in 3 days (from Apr. 19to Apr. 22).

I've set a flood limit at 120 seconds and the posts were then following every 120s too, so
I think the denial of service is a good hint. It would confirm the shut down of the forum
(too many connections) on Apr. 18. I've reset twice the most users online count: has been
2100 on Apr. 18 then 1825 on Sunday! Max number has never been above 300 at normal time.

There are some MODs against spam so a pure phpBB solution should be enough. But we need the
right adminfor that. It's under progress with imacat.


Le Mon, 23 Apr 2012 17:46:09 +0100, Rory O'Farrell <> a écrit :

> On Mon, 23 Apr 2012 10:23:28 -0600
> "F C. Costero"<>  wrote:
>> Thanks for the input Rob. I will pass it on to the forum. Some of the
>> volunteers commented over the weekend that it was more like a denial
>> of service attack. At one point the forum did become unavailable but
>> Hagar contacted Infra and it was back on line promptly. A few spam
>> messages are still coming in, at a rate I would have called high
>> before last week, but things remain vastly better than the weekend.
>> Francis
>>> What you are seeing is odd.  A successful spammer does not work this
>>> way.  They want their posts to survive and persist, to have impact. To
>>> build up Google Pagerank they want posts on 400 different websites
>>> rather than 400 posts on one website.  It doesn't make sense to send
>>> 400 to one website, since that will obviously draw attention from
>>> moderators.  This sounds more like a denial of service attack than
>>> spam.
>>> But a few ideas that might work, based on my experience running forums:
>>> 1) Change the CAPTCHA used in your registration.  What you have right
>>> now is too easy.
>>> 2) Much forum spam is targeted at getting links to raise their search
>>> engine position. You can remove that incentive by ensuring that all
>>> links given by users are given the rel="nofollow" attribute.  Most
>>> major sites, like Wikipedia, online newspapers, etc., do this in order
>>> to reduce the incentive to add spam.   I have the impression that the
>>> spammers search the web for high Pagerank websites that do not cloak
>>> their URL's with nofollow.  These sites are targeted by spammers.   If
>>> we get off that list, then we'll get less spam.
>>> 3) Longer term, maybe there is some way we can run forum posts through
>>> Apache's SpamAssasin?  It would probably require some custom app dev
>>> with phpBB, but it could result in a very sophisticated anti-spam
>>> solution.
>>> -Rob
>>>> Francis
> The situation is improved on what it was, but still unacceptable.  I have Moderator privileges
on the Forum and in 3.5 hours I have banned at least 15 spammers and directly deleted their
postings/topics rather than move them to holding locations, as I see no need to clutter these
up with undoubted spam; there have been sometimes as many as five or six postings by a spammer.
Acknak and Hagar have also been active during that period and I do not include their totals;
the moderator logs which are accessible to Apache Observers will show the extent of the problem,
which a visit to the main pages of the Forum will not, as we are trying to keep the Forum
running as normally as possible.

View raw message