Amiga.org
Amiga.org specific forums => Amiga.org Discussion and Site Feedback => Topic started by: Wayne on September 15, 2009, 04:25:57 PM
-
With the inclusion of certain new anti-spam techniques, I have temporarily suspended the ban on gmail, yahoo, and other such common addresses so that people can use them for registration.
That being said, I can only caution you against actually using such public services. Without pointing a finger at any particular service, time and time again, each of these public and high-profile services has been proven to be hackable and unsafe for personal communication.
If the new anti-spammer measures don't keep spammers from registering using those addresses, I will have no choice but to go back and close that loop again.
Please understand that I'm not doing this because I hate said services, or because I want to make life here difficult for new registrations. We just have to do whatever is necessary to protect our server and site from such vermin.
Thanks for your understanding.
Wayne
-
Don't forget to take down the notice :)
-
Don't forget to take down the notice :)
Which notice would that be?
-
That being said, I can only caution you against actually using such public services. Without pointing a finger at any particular service, time and time again, each of these public and high-profile services has been proven to be hackable and unsafe for personal communication.
As if any Internet-based email system sans encryption (and sometimes with) is safe. ;-) None of them are reliable.
-
Just to put things in perspective, in the last 24 hours since installing the new spam filter, the system has blocked 364 accounts from being registered, all of which show up on the spammer list.
Those it let through were easily caught by me.
Since taking gmail / yahoo off the list about 2 hours ago, there have been no fewer than 29 attempts to use hacked gmail / yahoo accounts for bogus registrations.
Wayne
-
wow - I didn't realise the problem was this bad :-(
I've used a yahoo account since 13 years now - would hate to drop it, it's been my one stable email account over all these years
Tom UK
-
wow - I didn't realise the problem was this bad :-(
I've used a yahoo account since 13 years now - would hate to drop it, it's been my one stable email account over all these years
Tom UK
You are already registered. I shouldn't worry too much.
-
Just to put things in perspective, in the last 24 hours since installing the new spam filter, the system has blocked 364 accounts from being registered, all of which show up on the spammer list.
Those it let through were easily caught by me.
Since taking gmail / yahoo off the list about 2 hours ago, there have been no fewer than 29 attempts to use hacked gmail / yahoo accounts for bogus registrations.
Wayne
Yup, and that's why when I have kids, I'm going to lock them in their rooms without Internet access until they're adults. A world that allows anonymous email access just isn't safe! Maybe I'll skip kids altogether. ;-)
Trev [who daily discards a stack of junk snail mail, not all of which is legitimate--imagine that]
-
wow - I didn't realise the problem was this bad :-(
I second that. Is the site being targeted intentionally, or is it a random attack?
Who would have a vendetta against this place?
-
I second that. Is the site being targeted intentionally, or is it a random attack?
Almost certainly an automated attack via botnet. Hell there are even tools out there that automate the process of signing up for Hotmail, Yahoo and Gmail accounts.
Basically, the more traffic your site gets, the more often you will get this sort of crap headed your way.
-
Almost certainly an automated attack via botnet. Hell there are even tools out there that automate the process of signing up for Hotmail, Yahoo and Gmail accounts.
Basically, the more traffic your site gets, the more often you will get this sort of crap headed your way.
But what do they get out of it, besides using up server space?
I wonder what Tim Berners-Lee has to say about this whole internet thingy.
-
But what do they get out of it, besides using up server space?
Free advertising. Remember many of these botnets are commercial in nature - they get paid by shady (and sometimes not so shady) businesses to hawk their products wherever they can.
Botnets are serious businesses these days.
I wonder what Tim Berners-Lee has to say about this whole internet thingy.
Hello, my name is Tim Berner-Lee and I am here to tell you that you have won the world wide web lottery, congratulations!
Now understand that you were picked out at random from millions of people worldwide and have won $55,000,000 USD.
All we need to proceed is your bank details which you can fill in and send back to us at our secure website at http://www.thisisnotascamhonestguv.net
Along with your full name, address, date of birth and social security number!
Remember, this prize is yours for the taking and must be filled in as soon as possible for you to collect your winnings!
What's that whirring sound... ;)
-
hello, my name is tim berner-lee and i am here to tell you that you have won the world wide web lottery, congratulations!
rofl! :)
-
This is one of the drawbacks of using vBulletin, it is THE forum system to focus on for the spammers considering the huge installed base. After I configured Akismet and reCAPTCHA it was reduced from hundreds of posts to like five spam posts every week or so, but then the site (consolereview.net) has low traffic compared to amiga.org.
-
What happens when they register a fake account? Do they start sending out adverts / spam from that account onto the forums or what?
-
What happens when they register a fake account? Do they start sending out adverts / spam from that account onto the forums or what?
Going on what I've seen on other forums, you get spam floods. The bots will at the same time also be using the email accounts to broadcast as much spam as they can to as many valid email addresses as they can get hold of/harvest before the account is closed.
And it's an arms race - every time you create a server system that actively hunts and kills spam accounts you'll find that the botnet owners/makers create a countermeasure that makes it harder for them to be picked up.