The stupidest blacklist

Discussion of all aspects of the website, wiki, and forums, including support requests and new ideas.

Moderator: Forum Moderators

vicza
Posts: 238
Joined: January 16th, 2008, 11:40 pm
Location: Moscow

The stupidest blacklist

Post by vicza »

Sometimes, when I want to post a message to the forum, I receive the error message like this: "Your IP 83.237.253.114 has been blocked because it is blacklisted. For details please see http://www.spamhaus.org/query/bl?ip=83.237.253.114. Well, I switch my router off, then switch it on, wait until it connects to ISP and receives a new IP...
But -- do you really think that this way you are fighting with spam? These are dynamical IPs, anyone could use it. A user is not responsible that someone somewhere maybe used this IP for spam. Or just (as this spamhouse says) "this IP range doesn't meeting their policy for IPs". I don't care about stupid spamhouse and their stupid policy! I do not send spam, why must I receive these messages? And only on this forum, I haven encountered this problem on other forums...
kodama
Posts: 5
Joined: February 15th, 2008, 11:11 am
Location: Japan

Re: The stupidest blacklist

Post by kodama »

You are barking at the wrong tree; the administrators of this forum are not responsible for the IP blacklisting policies of ISPs, nor for the route the packets take from *your* computer to the server.
vicza
Posts: 238
Joined: January 16th, 2008, 11:40 pm
Location: Moscow

Re: The stupidest blacklist

Post by vicza »

kodama wrote:You are barking at the wrong tree; the administrators of this forum are not responsible for the IP blacklisting policies of ISPs, nor for the route the packets take from *your* computer to the server.
I understand. But why they use it? If we'd post anonymously, it could be understood yet. But we are posting from our accounts, so are responsible for our postings anyway. Why, then, use these irrelevant blacklists?
User avatar
Mist
Inactive Developer
Posts: 753
Joined: February 15th, 2007, 8:44 am
Location: Milton Keynes, UK

Re: The stupidest blacklist

Post by Mist »

Because they are not irrelevant. There is a high number of spambots able to register and activate themselves on any phpBB scripts, without blacklisting the IP ranges they usualy come from we'd be drowning in spam (we used to ban/remove roughly one bot per day on old forums before the move).

You've got my deepest symapthy because of this, but I'll not remove the blacklisting and I can help the fact that most of this kind of spam activity comes from Russia.
Somewhere, between the sacred silence and sleep.
Disorder.
User avatar
zookeeper
WML Wizard
Posts: 9742
Joined: September 11th, 2004, 10:40 pm
Location: Finland

Re: The stupidest blacklist

Post by zookeeper »

Mist wrote:Because they are not irrelevant. There is a high number of spambots able to register and activate themselves on any phpBB scripts, without blacklisting the IP ranges they usualy come from we'd be drowning in spam (we used to ban/remove roughly one bot per day on old forums before the move).
They get through the confirmation code in the registration phase?
User avatar
Mist
Inactive Developer
Posts: 753
Joined: February 15th, 2007, 8:44 am
Location: Milton Keynes, UK

Re: The stupidest blacklist

Post by Mist »

Some of them did. The one that did not were still displayed on the user list with links to porn/pharma sites.
Somewhere, between the sacred silence and sleep.
Disorder.
AI
Developer
Posts: 2394
Joined: January 31st, 2008, 8:38 pm

Re: The stupidest blacklist

Post by AI »

OCR works pretty well, and even if you only have a 10% successrate, you can just try and try again.
nataS
Posts: 166
Joined: January 28th, 2008, 3:21 pm

Re: The stupidest blacklist

Post by nataS »

With phpBB 3 the amount of spambots that get through seems to have been greatly decreased. Before this, if you had a popular forum, and did not take some sort of protective measure. You could count on over ten spambots a day. I suggest you complain to your ISP they should give you a static IP. And if that is not possible, switch to another ISP. I'm not fully aware of spamhouse policy, but it's very well possible they block the ranges because of lack of action from your ISP.
User avatar
Lizard
Posts: 352
Joined: January 19th, 2008, 8:20 am
Location: Hiding in a swamp (gtm +1; DST)

Re: The stupidest blacklist

Post by Lizard »

zookeeper wrote:
Mist wrote:Because they are not irrelevant. There is a high number of spambots able to register and activate themselves on any phpBB scripts, without blacklisting the IP ranges they usualy come from we'd be drowning in spam (we used to ban/remove roughly one bot per day on old forums before the move).
They get through the confirmation code in the registration phase?
I recently read s.th. about that*. The Bot takes the image, some fake site displays them and send the Code back or s.th. like that.

* C't a computer magazine. English site of the Publisher.
~ I'll heal you by 4 hp if you post next to me ~
Have a look at the Era of Strife, featuring Eltireans, Eventide, Minotaurs, Saurians and Triththa
vicza
Posts: 238
Joined: January 16th, 2008, 11:40 pm
Location: Moscow

Re: The stupidest blacklist

Post by vicza »

Mist wrote:You've got my deepest symapthy because of this, but I'll not remove the blacklisting and I can help the fact that most of this kind of spam activity comes from Russia.
Well, even if so, but if a user has written, say, 50 messages (or even 10 would be sufficient), can't you tell that he is not spammer? Why filter all users, not only the very new ones?
User avatar
Mist
Inactive Developer
Posts: 753
Joined: February 15th, 2007, 8:44 am
Location: Milton Keynes, UK

Re: The stupidest blacklist

Post by Mist »

Blacklist filtering happens *before* any sort of forum authorisation, there is no possbility to plug exception into these rules. The IP is checked as a first thing, if that check fails there is no further authorisation or user recognition.
Somewhere, between the sacred silence and sleep.
Disorder.
User avatar
Aethaeryn
Translator
Posts: 1553
Joined: September 15th, 2007, 10:21 pm
Location: Baltimore, Maryland, USA

Re: The stupidest blacklist

Post by Aethaeryn »

Mist wrote:Blacklist filtering happens *before* any sort of forum authorisation, there is no possbility to plug exception into these rules. The IP is checked as a first thing, if that check fails there is no further authorisation or user recognition.
Isn't it then a big flaw in phpBB design to have a blacklist and no whitelist?
Aethaeryn (User Page)
Wiki Moderator (wiki)
Latin Translator [wiki=Latin Translation](wiki)[/wiki]
Maintainer of Thunderstone Era (wiki) and Aethaeryn's Maps [wiki=Aethaeryn's Maps](wiki)[/wiki]
User avatar
Mist
Inactive Developer
Posts: 753
Joined: February 15th, 2007, 8:44 am
Location: Milton Keynes, UK

Re: The stupidest blacklist

Post by Mist »

Eh? And what has that to do with anything?

The blacklists we talk about are external resources, checking against them has one sole purpose - to prevent sources known to have bad history ANY activity on a site, puting holes in blacklist checking mechanism defeats the whole point. Basicaly if you know there is a lot of spam coming from an IP range why on earth would you want to allow any activity form that range?
Yes, you could in theory put a check later. But. It would mean checking each possible link click/http querry against both white and blacklists. Or introducing very expensive sesion managment schemes. The bottom line is that other possible solutions are either resource expensive or mean huge performance drop.
Somewhere, between the sacred silence and sleep.
Disorder.
-stf-
Posts: 76
Joined: December 19th, 2007, 10:27 pm
Location: Prague, Czech Republic
Contact:

Re: The stupidest blacklist

Post by -stf- »

I have an idea how to solve this without strict banning of IP address and neither performance drop.

I suppose that after IP address is on blacklist, any attempt to write in forum produces error 403 - access denied.
My suggestion is to extent this error to form with question i.e. to solve any aritmetic operation or so. As this:

(hidden)id=vuruvtre84c7v8dv
125 + x - 15 = 27
Write correctly x: (______)
(continue)

Spambot should identify this as normal 403 error, but user can answer the question correctly to get further. Proper x can be stored on the server together with hidden random identification code and time for this request and compared after user clicks (continue). This should not do more server load than normal page from forum. Unused codes can be deleted after timeout i.e. 5 minutes by cron. 99% of people should be able to answer without problem.
User avatar
irrevenant
Moderator Emeritus
Posts: 3692
Joined: August 15th, 2005, 7:57 am
Location: I'm all around you.

Re: The stupidest blacklist

Post by irrevenant »

-stf- wrote:99% of people should be able to answer without problem.
I think you overestimate the average user's math skills. I'd guess the number at more like 75%.

It'd help if you flipped the order of the question around (125 - 15 - 27 = ??), and made the question a lot easier ("What is 7 + 10 ?").

It should further confuse bots if you use text rather than numbers. eg. "What is seven plus ten?". (Accept either "seventeen" or "17" as an answer).
Post Reply