Housekeeping: A Few Words About Spam

P1270828

A ton of Armed Intelligentisians have already found the new Free Fire Zone, TTAG’s forum where you can talk about whatever you want with like-minded (or not) individuals. And you may have noticed that we’ve had a bit of a spam problem recently. For the moment we have it licked, but as a result one of the administrators will need to manually enable your account before you can post. At most, we’re talking a 12 hour delay. I’m looking into a better long term solution that will remove this headache, but unlike Hornady’s top secret prototype (pictured above) we don’t have a spam-seeking bullet we can unleash. Yet. To all those who have already created an account and posted, thanks. And to everyone else, what are you waiting for?

comments

  1. avatar Mike C. says:

    I find it ironic that Nick Leghorn works in data security at RackSpace, but you guys are incapable of setting up a spam blacklist.

    1. avatar Nick Leghorn says:

      We use a load balanced setup, meaning the source IP of all the traffic is the load balancer. Things get complicated when you go big.

      1. avatar Rich Grise says:

        I don’t know what it takes do sign in – it was so trivial I didn’t even bother to remember it. I didn’t notice if there was an email intercept, or a “captcha” – type puzzle thingy, but that’s what I’d recommend.
        In any case, I’d be interested in reading about what you did and so on.

      2. avatar Mike C. says:

        Things get complicated when you go big.

        Which means you dont understand what you’re doing, or you’re lazy.

      3. avatar Mike C. says:

        meaning the source IP of all the traffic is the load balancer

        What load balancer are you using? F5 doesnt do this. And someone has to know the source IP of the client, otherwise the traffic would never get sent back. Also I know F5 balancers can have their own blacklists.

  2. avatar Matt in FL says:

    I still think the suggestion to change the “FFZ” on the top bar to “Forum” or “Free Fire Zone (Forum)” is a good one, so that more people find it. You may want to hold off on that until you get the authentication issue worked out, though.

    Are you using the latest version of phpBB? I know when I was running a phpBB based forum a couple years ago, the fact that the CAPTCHA on that earlier version was known to be hacked was a “known issue.” Upgrading to the latest version (at that time) allowed use of things like reCAPTCHA (that’s the one with the two words instead of the letter salad of the current CAPTCHA) and the “human check” questions, where you could input a specific question that required an answer (e.g. “What does TTAG stand for?” A human can type out the answer, but a bot won’t.)

    1. avatar Mike C. says:

      Matt, please stop pretending like you know about data security, services similar to Mechanical Turk will bypass both.

      1. avatar AlphaGeek says:

        FWIW, I *do* know about data security (and have worn the “Chief Security Officer” title in the past) and in my professional opinion Matt makes a perfectly good point.

        Security is not an event, it’s a process. Focusing on only one threat vector (e.g. the Mechanical Turk method you cite) does little or nothing to address the overall problem. If anything, that’s a net negative because someone following your advice might believe that if their solution addresses the Mechanical Turk attack vector, then they’re secure. Yeah… no.

      2. avatar William says:

        OOOH! CHICKEN FIGHT, EVERYONE!!!

    2. avatar Bad Matt says:

      Mike C, it appears you are suffering from “small weiner” syndrome.

  3. avatar ready,fire,aim says:

    when i think of spam i think of the monty pyton skit….spam,spam,spam,spam…..spamity spam, LOL

    1. avatar A-Rod says:

      Fried spam sandwich with mustard and cheese, to go, please.

    2. avatar AlphaGeek says:

      That is, in fact, the origin of the term. I’ve been doing Internet stuff so long that I know (but was not part of) the group of people who jokingly coined the term spam and were amused to see it become part of popular culture.

    3. avatar Rich Grise says:

      My Dad was raised in Austin, MN, where the Hormel “packin’ plant” is, so we had a lot of spam when I was a kid. I love it! Spam sandwiches, Spam and eggs for breakfast, roast spam, spam chunks in scrambled eggs, the list goes on and on…

      1. avatar William says:

        Decent Apocalypse grub; nothing more, but a LOT less. Next you’re gonna spout POTTED MEAT haut cuisine?

        EYEBALLS! PECKERS!!! Slingblade NAILED it!
        Raven cuisine. Trust the Raven if you wanna eat low on the hog!

  4. avatar Shwiggie says:

    Changing platforms is a good first step in solving this problem. I never liked phpbb from an administrative standpoint.

  5. avatar Swarf says:

    So if we’ve already created a forum ID we’re good, or do we need to do it again and go through the admin approval thing?

  6. avatar Kirk says:

    The picto-graph thingee I recommended continues to perform very well.

  7. avatar SubZ says:

    A couple of sites I frequent (VBB) have a thing that kicks any registration that takes under 7 seconds to complete. Has been working very well…

    1. avatar Nick Leghorn says:

      That’s… I gotta check that out..

  8. avatar DrVino says:

    Go with PHP BB

Write a Comment

Your email address will not be published. Required fields are marked *

button to share on facebook
button to tweet
button to share via email