Discussion in 'Spam Heaven' started by Kennedy, Aug 1, 2007.
.-.----.....-. .. ---.- .--. .... ---
Spam is the posting of advertisements, abusive, or unneeded messages on Internet forums. It is generally posted by automated spambots.
Spambots are automated programs designed to register on forums, disseminate spam, and leave. They usually supply a fake name, freebase email address, and sometimes mask their true IP address. Spammers can set the message that the spambot will post. Most spambots target one specific forum software or hosting company. Spambots are easy to identify by the nature of the message they leave, or the links in the signature. A typical post contains no topical content, but is accompanied by either spam links in the post itself, or in the user's signature. Some spambots will never post, and rely on the links in their signature to increase their search engine visibility. Looking up the spambot's user name with a search engine will often reveal thousands of registrations in unrelated forums.
An example of a spambot which has gained some notoriety since November of 2006 is XRumer. XRumer attempts to bypass anti-spamming mechanisms put in place by forum administrators, with some success. It uses a database of known HTTP proxies to mask the IP address of the poster, making it difficult for administrators to use a naive IP-banning mechanism.
Types of spam
Most spambot forum spam consists of links, with the dual goals of increasing search engine visibility in highly competitive areas such as weight loss, pharmaceuticals, gambling, pornography, real estate or loans, and generating more traffic for these commercial websites. Some of these links contain code to track the spambot's identity if a sale goes through, when the spammer behind the spambot works on commission.
Spam posts may contain anything from a single link, to dozens of links. Text content is minimal, usually innocuous and unrelated to the forum's topic. Full banner advertisements have also been reported.
Alternately, the spam links are posted in the user's signature, in which case the spambot will never post. The link sits quietly in the signature field, where it is most likely to be harvested by search engine spiders than discovered by forum administrators and moderators.
Effects of spam
Spam prevention and deletions measurably increase the workload of forum administrators and moderators. The amount of time and resources spent keeping a forum spam free contributes significantly to labour cost, and the skill required in the running of a public forum. Marginally profitable or smaller forums may be permanently closed by administrators. Forums that do not require registration are becoming rare.
Flood control: This forces users to wait for a short interval between making posts to the forum, thus preventing spambots from flooding the forum with repeated spam messages.
Some forums employ CAPTCHA (visual confirmation) routines on their registration pages to prevent spambots carrying out automated registrations. Simple CAPTCHA systems which display alphanumeric characters have proven vulnerable to optical character recognition software but those that scramble the characters appear to be far more effective.
Alternative is Textual Confirmation, promoted by bbAntiSpam: user should answer a random question to prove he/she isn't a spambot. Many people consider this method controversial, but it's one of the best spam protection methods for phpBB2.
Authorative voice: Using an external filtering service, such as Akismet, to get a verdict if the data is spam or not.
Posting limits: Limit posting to registered users and/or require that the user pass a CAPTCHA test before posting.
Registration restrictions: Applying careful restrictions can seriously impact bogus and spambot registrations. One approach consists in the denial of registration from certain domain extensions that are a major source of spambots such .ru, .br, .biz, or freebase addresses such as "gawab.com". Another, more labor-intensive, consists in manual examination of new registrants. This examination looks at several indicators. First, spambots often delay email confirmation by several hours, while humans will confirm promptly. Second, spambots will tend to create user names that are unique, and unlikely to already be used in the forum, preferring "John84731" or "JohnbassKeepsie" to the much more common "John." Third, using a search engine to investigate, one finds hundreds, if not thousands of profiles using the spambot login name, sometimes with the diagnostic spam post, or "banned" label.
Changing technical details of the forum software to confuse bots - for example, changing "agreed=true" to "mode=agreed" in the registration page of phpBB.
Block posts or registrations that contain certain blacklisted words.
Be wary of IPs used by untrusted posters (anonymous posts or newly registered users). A useful technique for proactive detection of well-known spammer proxies is to query a search engine for this IP. It will show up on pages that specialize in the listing of proxies.
Well that was an interesting read
----damn thank you.
happy birthday to you
happy birthday to you
happy birthday dear carls jr
happy birthday to you
now twinkle twinkle little star
how i wonder what you are
im freaking hungry now i post
time to get some more pig roast
Separate names with a comma.