9 Jun
2012
9 Jun
'12
9:16 p.m.
This is either a feature request or a request for discussing
solutions to the issue of known comment spammers against XWiki
installs.
There's known spammers like davycrokkett(a)hotmail.com (see
http://www.nielsmayer.com/bin/view/XWiki/DavyCrokkett ) which have to
be managed and curtailed for any XWiki install enabling comments.
During registration, it would it be nice to check sites like
http://www.stopforumspam.com/ and prevent registration emails from
going out to known comment spammers.
For example, the aforementioned spammer is listed at
http://www.stopforumspam.com/ipcheck/111.243.227.227
suggesting Current country of origin: Taiwan, Province of China
Date IP Address Username Email
1-Jul-11 07:31 111.243.227.227 coseteene davycrokkett(a)hotmail.com
30-Jun-11 18:29 111.243.227.227 Assusypesound davycrokkett(a)hotmail.com
30-Jun-11 13:43 111.243.227.227 Impuppota davycrokkett(a)hotmail.com
30-Jun-11 11:22 111.243.227.227 Biordaccoma davycrokkett(a)hotmail.com
30-Jun-11 07:01 111.243.227.227 rooviskitte davycrokkett(a)hotmail.com
29-Jun-11 23:59 109.230.222.175 Beethyemegree davycrokkett(a)hotmail.com
29-Jun-11 22:49 111.243.227.227 Kneefshes davycrokkett(a)hotmail.com
29-Jun-11 13:59 111.243.227.227 seltencarne davycrokkett(a)hotmail.com
29-Jun-11 13:31 111.243.227.227 inigneedync davycrokkett(a)hotmail.com
29-Jun-11 11:50 174.142.132.203 Beethyemegree davycrokkett(a)hotmail.com
29-Jun-11 11:50 174.142.132.203 phorilmiplism davycrokkett(a)hotmail.com
29-Jun-11 07:53 111.243.227.227 Agergeevame davycrokkett(a)hotmail.com
29-Jun-11 05:56 111.243.227.227 Atomnegmess davycrokkett(a)hotmail.com
29-Jun-11 05:50 111.243.227.227 Impuppota davycrokkett(a)hotmail.com
It would also be interesting for such flagged users to return a list
of associated IP's (such as above) which could be blacklisted as well.
I guess the correct solution would be to use
http://extensions.xwiki.org/xwiki/bin/view/Extension/Social+Login but
then the spammers would just end up getting twitter, facebook or
foursquare logins and use those instead of hotmail accounts.
-- Niels
http://www.nielsmayer.com
11 Jun
11 Jun
10:56 a.m.
New subject: [xwiki-users] features for dealing with known comment spammers in XWiki?
Hi Niels,
I am sorry to hear you`re having problems with trolls and I can perfectly
understand how annoying, disruptive and possibly costly that might be.
However, I would not encourage IP filtering based solutions to handle SPAM
in general, simply due to the scarce nature of IPv4 addresses (and the
resulting high number of possible false positives). When IPv6 will be
popular, maybe that will become a viable solution.
So yes, I`d also suggest that you try an e-mail based filtering system
(since there seem to be databases with problematic e-mails) where
individuals can be pinpointed and flagged as spammers.
My 2 cents,
Eduard
On Sun, Jun 10, 2012 at 12:16 AM, Niels Mayer <nielsmayer(a)gmail.com> wrote:
This is either a feature request or a request for
discussing
solutions to the issue of known comment spammers against XWiki
installs.
There's known spammers like davycrokkett(a)hotmail.com (see
http://www.nielsmayer.com/bin/view/XWiki/DavyCrokkett ) which have to
be managed and curtailed for any XWiki install enabling comments.
During registration, it would it be nice to check sites like
http://www.stopforumspam.com/ and prevent registration emails from
going out to known comment spammers.
For example, the aforementioned spammer is listed at
http://www.stopforumspam.com/ipcheck/111.243.227.227
suggesting Current country of origin: Taiwan, Province of China
Date IP Address Username Email
1-Jul-11 07:31 111.243.227.227 coseteene davycrokkett(a)hotmail.com
30-Jun-11 18:29 111.243.227.227 Assusypesound davycrokkett(a)hotmail.com
30-Jun-11 13:43 111.243.227.227 Impuppota davycrokkett(a)hotmail.com
30-Jun-11 11:22 111.243.227.227 Biordaccoma davycrokkett(a)hotmail.com
30-Jun-11 07:01 111.243.227.227 rooviskitte davycrokkett(a)hotmail.com
29-Jun-11 23:59 109.230.222.175 Beethyemegree davycrokkett(a)hotmail.com
29-Jun-11 22:49 111.243.227.227 Kneefshes davycrokkett(a)hotmail.com
29-Jun-11 13:59 111.243.227.227 seltencarne davycrokkett(a)hotmail.com
29-Jun-11 13:31 111.243.227.227 inigneedync davycrokkett(a)hotmail.com
29-Jun-11 11:50 174.142.132.203 Beethyemegree davycrokkett(a)hotmail.com
29-Jun-11 11:50 174.142.132.203 phorilmiplism davycrokkett(a)hotmail.com
29-Jun-11 07:53 111.243.227.227 Agergeevame davycrokkett(a)hotmail.com
29-Jun-11 05:56 111.243.227.227 Atomnegmess davycrokkett(a)hotmail.com
29-Jun-11 05:50 111.243.227.227 Impuppota davycrokkett(a)hotmail.com
It would also be interesting for such flagged users to return a list
of associated IP's (such as above) which could be blacklisted as well.
I guess the correct solution would be to use
http://extensions.xwiki.org/xwiki/bin/view/Extension/Social+Login but
then the spammers would just end up getting twitter, facebook or
foursquare logins and use those instead of hotmail accounts.
-- Niels
http://www.nielsmayer.com
_______________________________________________
users mailing list
users(a)xwiki.org
http://lists.xwiki.org/mailman/listinfo/users
12 Jun
12 Jun
10:16 a.m.
New subject: [xwiki-users] features for dealing with known comment spammers in XWiki?
Hi,
Here's a little proof of concept which should do the right general thing.
If you put the groovy script at the top of your registration page, you can
edit the content of the page to behave differently if the user fails an RBL check.
It would make sense to allow them in but lock the account and explain to them that
they will be checked by an admin.
Ofc I know the feeling of just wanting to use the big hammer myself.
Caleb
{{groovy}}
import java.net.InetAddress;
def rbls = ['.dnsbl.tornevall.org'];
String[] bytes = request.getRemoteAddr().split("\\.");
// Test
//String[] bytes = ['111','243','227','227'];
String reversed = bytes[3] + "." + bytes[2] + "." + bytes[1] +
"." + bytes[0];
def failedRbls = [];
for (String rbl : rbls) {
try {
InetAddress.getByName(reversed + rbl);
failedRbls.add(rbl);
} catch (UnknownHostException e) {
// expected
}
}
xcontext.get("vcontext").put("failedRbls", failedRbls);
{{/groovy}}
{{velocity}}
$failedRbls
{{/velocity}}
On 06/09/2012 05:16 PM, Niels Mayer wrote:
This is either a feature request or a request for
discussing
solutions to the issue of known comment spammers against XWiki
installs.
There's known spammers like davycrokkett(a)hotmail.com (see
http://www.nielsmayer.com/bin/view/XWiki/DavyCrokkett ) which have to
be managed and curtailed for any XWiki install enabling comments.
During registration, it would it be nice to check sites like
http://www.stopforumspam.com/ and prevent registration emails from
going out to known comment spammers.
For example, the aforementioned spammer is listed at
http://www.stopforumspam.com/ipcheck/111.243.227.227
suggesting Current country of origin: Taiwan, Province of China
Date IP Address Username Email
1-Jul-11 07:31 111.243.227.227 coseteene davycrokkett(a)hotmail.com
30-Jun-11 18:29 111.243.227.227 Assusypesound davycrokkett(a)hotmail.com
30-Jun-11 13:43 111.243.227.227 Impuppota davycrokkett(a)hotmail.com
30-Jun-11 11:22 111.243.227.227 Biordaccoma davycrokkett(a)hotmail.com
30-Jun-11 07:01 111.243.227.227 rooviskitte davycrokkett(a)hotmail.com
29-Jun-11 23:59 109.230.222.175 Beethyemegree davycrokkett(a)hotmail.com
29-Jun-11 22:49 111.243.227.227 Kneefshes davycrokkett(a)hotmail.com
29-Jun-11 13:59 111.243.227.227 seltencarne davycrokkett(a)hotmail.com
29-Jun-11 13:31 111.243.227.227 inigneedync davycrokkett(a)hotmail.com
29-Jun-11 11:50 174.142.132.203 Beethyemegree davycrokkett(a)hotmail.com
29-Jun-11 11:50 174.142.132.203 phorilmiplism davycrokkett(a)hotmail.com
29-Jun-11 07:53 111.243.227.227 Agergeevame davycrokkett(a)hotmail.com
29-Jun-11 05:56 111.243.227.227 Atomnegmess davycrokkett(a)hotmail.com
29-Jun-11 05:50 111.243.227.227 Impuppota davycrokkett(a)hotmail.com
It would also be interesting for such flagged users to return a list
of associated IP's (such as above) which could be blacklisted as well.
I guess the correct solution would be to use
http://extensions.xwiki.org/xwiki/bin/view/Extension/Social+Login but
then the spammers would just end up getting twitter, facebook or
foursquare logins and use those instead of hotmail accounts.
-- Niels
http://www.nielsmayer.com
_______________________________________________
users mailing list
users(a)xwiki.org
http://lists.xwiki.org/mailman/listinfo/users
2:32 p.m.
New subject: [xwiki-users] features for dealing with known comment spammers in XWiki?
Using email activation might prevent some spam, since user have to
manually activate their accounts, and if it's just a spam bot chances
are that the bot isn't yet that well adapted for XWiki as to know how to
verify their accounts.
Another trick that helped us fight spam on xwiki.org is to forbid
registration of users that enter the same first and last name, since we
noticed that all automatically created accounts followed this rule.
Another thing that helps us keep spam low is the IRC bot and the global
notifications watchlist. Whenever someone modifies something, the IRC
bot notifies that change, and at the end of the day the notification
mail also mentions it. Most of the time one of the devs that are on IRC
will immediately check that change and revert it if it's spam (and
delete the user account as well). But I guess that won't work for a
large active community wiki with lots of valid changes every day.
On 06/09/2012 05:16 PM, Niels Mayer wrote:
This is either a feature request or a request for
discussing
solutions to the issue of known comment spammers against XWiki
installs.
There's known spammers like davycrokkett(a)hotmail.com (see
http://www.nielsmayer.com/bin/view/XWiki/DavyCrokkett ) which have to
be managed and curtailed for any XWiki install enabling comments.
During registration, it would it be nice to check sites like
http://www.stopforumspam.com/ and prevent registration emails from
going out to known comment spammers.
For example, the aforementioned spammer is listed at
http://www.stopforumspam.com/ipcheck/111.243.227.227
suggesting Current country of origin: Taiwan, Province of China
Date IP Address Username Email
1-Jul-11 07:31 111.243.227.227 coseteene davycrokkett(a)hotmail.com
30-Jun-11 18:29 111.243.227.227 Assusypesound davycrokkett(a)hotmail.com
30-Jun-11 13:43 111.243.227.227 Impuppota davycrokkett(a)hotmail.com
30-Jun-11 11:22 111.243.227.227 Biordaccoma davycrokkett(a)hotmail.com
30-Jun-11 07:01 111.243.227.227 rooviskitte davycrokkett(a)hotmail.com
29-Jun-11 23:59 109.230.222.175 Beethyemegree davycrokkett(a)hotmail.com
29-Jun-11 22:49 111.243.227.227 Kneefshes davycrokkett(a)hotmail.com
29-Jun-11 13:59 111.243.227.227 seltencarne davycrokkett(a)hotmail.com
29-Jun-11 13:31 111.243.227.227 inigneedync davycrokkett(a)hotmail.com
29-Jun-11 11:50 174.142.132.203 Beethyemegree davycrokkett(a)hotmail.com
29-Jun-11 11:50 174.142.132.203 phorilmiplism davycrokkett(a)hotmail.com
29-Jun-11 07:53 111.243.227.227 Agergeevame davycrokkett(a)hotmail.com
29-Jun-11 05:56 111.243.227.227 Atomnegmess davycrokkett(a)hotmail.com
29-Jun-11 05:50 111.243.227.227 Impuppota davycrokkett(a)hotmail.com
It would also be interesting for such flagged users to return a list
of associated IP's (such as above) which could be blacklisted as well.
I guess the correct solution would be to use
http://extensions.xwiki.org/xwiki/bin/view/Extension/Social+Login but
then the spammers would just end up getting twitter, facebook or
foursquare logins and use those instead of hotmail accounts.
--
Sergiu Dumitriu
http://purl.org/net/sergiu/
4491
days inactive
4494
days old
3 comments
4 participants
participants (4)
-
Caleb James DeLisle -
Eduard Moraru -
Niels Mayer -
Sergiu Dumitriu