[phpBB Debug] PHP Notice: in file /includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Notice: in file /includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Notice: in file /includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Notice: in file /includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Notice: in file /includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Notice: in file /includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Notice: in file /includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Notice: in file /includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Notice: in file /includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Notice: in file /includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Notice: in file /includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Notice: in file /includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Notice: in file /includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Notice: in file /includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Notice: in file /includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Notice: in file /includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Notice: in file /includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Notice: in file /includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Notice: in file /includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Notice: in file /includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Notice: in file /includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Notice: in file /includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Notice: in file /includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Notice: in file /includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Notice: in file /includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Notice: in file /includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Notice: in file /includes/bbcode.php on line 112: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Notice: in file /includes/bbcode.php on line 112: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Notice: in file /includes/bbcode.php on line 112: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Notice: in file /includes/bbcode.php on line 112: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Notice: in file /includes/bbcode.php on line 112: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Notice: in file /includes/bbcode.php on line 112: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Notice: in file /includes/bbcode.php on line 112: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Notice: in file /includes/bbcode.php on line 112: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Notice: in file /includes/bbcode.php on line 112: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Notice: in file /includes/functions.php on line 4183: Cannot modify header information - headers already sent by (output started at /includes/functions.php:3493)
[phpBB Debug] PHP Notice: in file /includes/functions.php on line 4185: Cannot modify header information - headers already sent by (output started at /includes/functions.php:3493)
[phpBB Debug] PHP Notice: in file /includes/functions.php on line 4186: Cannot modify header information - headers already sent by (output started at /includes/functions.php:3493)
[phpBB Debug] PHP Notice: in file /includes/functions.php on line 4187: Cannot modify header information - headers already sent by (output started at /includes/functions.php:3493)
TFBW's Forum :: View topic - Widespread and Systematic Forum Abuse (Forum Spam)
TFBW's Forum
http://forum.tfbw.com/

Widespread and Systematic Forum Abuse (Forum Spam)
http://forum.tfbw.com/viewtopic.php?f=7&t=62
Page 2 of 3

Author:  TFBW [ Tue Jan 09, 2007 3:31 am ]
Post subject: 

You may think that the above post is pure, unadulterated sarcasm, but it's not! It's actually stealth spam! The words "forum", "usually", and "new" (in "new stuff") are hyperlinks with additional "color" tags to render them black like the surrounding text. I've defanged the links by adding ".nolinkspam" to the domain name, but left them otherwise unchanged for your information.

The spam cam from IP address 80.77.8.29, which is in Pakistan -- almost certainly the same Pakispammer I've encountered before on this very thread, given the overlap in domain names involved. A quick shows that this guy is fairly diverse in his spamming, not just targeting phpBB instances.

I also note that at least one of the blogs he has spammed passes all external links through a local redirect. Redirects have problems of their own, but I note in passing that it probably renders the spam ineffective as a way of boosting search profile.

Author:  Marky78 [ Tue Jan 09, 2007 7:07 pm ]
Post subject:  RE

Alright Man, may be it effects you alot thats why you cant even afford 2 or there links, But your post was nice , Thanks Keep it up

Author:  TFBW [ Wed Jan 10, 2007 1:01 am ]
Post subject: 

It's not a question of me being able to "afford links" -- what a ridiculous concept. The problem is that spammers like you are abusing my forum as a way of getting free advertising and increasing your search engine profile. If you'd taken the time to read through some of what I've posted earlier, you'd note that I already have to block hundreds of POST attempts per day from automated spam generators. If my countermeasures weren't completely effective against such spam, I'd have no choice but to close the forum, since it would not be feasible to find actual conversations amongst all the spam.

If you want to stick around and have a decent conversation, I have no problem with you throwing in a link or two in your signature line. Spouting random crap just so that you can get your links in does not count as "conversation".

Author:  Marky78 [ Thu Jan 11, 2007 8:44 pm ]
Post subject:  RE

Well this last time , i had posted a good comment about your forum which probably increase ur forum rank, but you also make it an issue,last time i was wrong posting direct links thats was not good idea at all,......................... you think posting such a comment is easy task, it takes alot time my dear.... But never mind i praise ur pateince even after hundreds of spams u are still calm...hmmm . .. and wish u good luck for ur Forum

Author:  TFBW [ Thu Feb 01, 2007 6:27 am ]
Post subject:  CHINANET jiangsu province network

Over the last week or so, I've had a persistent spammer from China posting messages consisting of nothing but links, mostly in Chinese. He posts, I delete, we repeat. The spammer is performing this work by hand, and using Google searches on the terms "posting.php?mode=quote" and "post a reply" to find postable forums. (Actually, the search is on the individual words in "post a reply", not the phrase.)

I don't actually have proof that this is one spammer, but there is a common thread between the postings: all have come from IP addresses listed as belonging to China Telecom, "CHINANET jiangsu province network". On each occasion, I have blocked the entire subnet associated with the offending IP address, and I'm now curious as to how many subnets Jiangsu province has, exactly. I've blocked a /16 and two /14s so far!

It would be nice to implement a finer grain of control over such nuisance areas. I don't like the idea that I'm blocking large ranges of China just because of one little enterprise there that is earning money by being a global public nuisance. It would be better to disallow anonymous posting from such a range, or moderate posting from that range. Such subtleties are well beyond the capability of phpBB and my Apache .htaccess/Javascript hack, however.

Author:  bvcb [ Fri Feb 02, 2007 12:00 pm ]
Post subject:  Re: What's a WebaltBot?


Author:  TFBW [ Fri Feb 02, 2007 6:48 pm ]
Post subject: 


Author:  TFBW [ Sat Feb 03, 2007 6:54 pm ]
Post subject:  Goodbye China

There's a big difference between spammers from eastern Europe, and spammers from Asia: the former automate their spamming; the latter do it manually. My anti-spam mechanism deals with the automata, not the manual spammers. Our friend the Pakispammer actually had a sort of conversation with us here in the forum, for example. The Chinese spammers, on the other hand, are also manual spammers, but aren't interested in conversation. They don't even post in English.

Having deleted another five Chinese spams today, posted from three distinct IP addresses, I've decided that China has got to go. I've started blocking /12s and /11s based on information from . If I get the time tomorrow, I'll process the APNIC data and get it to generate a complete blocklist for China. I may not block all of China immediately, but I will block the largest subnettable Chinese address range associated with any spam that arrives from now on.

Author:  TFBW [ Wed Feb 07, 2007 2:32 am ]
Post subject: 


Author:  Shannon Light [ Fri Feb 09, 2007 1:58 am ]
Post subject:  Quote



marketing@mcpmedia.com

MCP Media is a professional Phoenix web design company. Get free web design quotes here any time!

Author:  TFBW [ Fri Feb 09, 2007 2:54 am ]
Post subject: 

The above spam came from 202.134.119.9, which is in Hong Kong. Interestingly, the "referer" URL was "http://172.16.19.3/LinkBuilder/CheckLinkEx.aspx". The IP address in that URL is a private (local network) address, but the "LinkBuilder/CheckLinkEx.aspx" part is strongly suggestive of a custom application of some sort. The spamming activity has been performed manually, but is aided by some kind of private search engine. Once again, this looks very much like "spam for hire" work. I'm preemptively blocking 202.134.64.0/18 (delegated to HK by APNIC) in response to this.

Author:  TFBW [ Sun Feb 11, 2007 2:15 pm ]
Post subject: 

More China spam. Today I had three posts from a registered user in China. The posts try to be at least slightly relevant to the topics under which they were posted, but they were still content-free, mostly irrelevant, and seemed to exist purely for the purpose of linking to the submitter's website. Two of the posts have been deleted; the third currently remains because the link was broken anyhow, and I want to give the spammer a chance to respond.

The IP source was 61.167.36.226, and 61.128.0.0/10 is currently the largest containing CIDR block specific to China that I could ban. No ban yet, though: they get one chance to defend their actions.

Author:  TFBW [ Mon Feb 12, 2007 10:06 am ]
Post subject: 

Well, that spammer's chance came and went. As is typical, he's in write-only mode, and doesn't seem to have read my response to the one message I allowed to remain on the system. Instead, he's posted three more junky random posts, all of which are excerpts off a particular website (his, presumably), and included a link to the source. This is just link-spamming pollution so far as I'm concerned, and I've added 61.128.0.0/10 to the list of IPs not welcome here, and removed the new posts.

Author:  TFBW [ Tue Feb 13, 2007 3:31 pm ]
Post subject: 

China continues to be whittled away. Today 59.32.0.0/11 was added thanks to a -- what term should I use for these forum-spamming equivalents of telemarketers? -- at 59.35.230.96. The banned range is the largest enclosing CIDR around that address entirely delegated to China. There's not a lot to say about this particular instance: the referrer field on the first access is empty, and the user agent includes "TencentTraveler". There may be some automation involved here, since the entire process took less than ten seconds from initial GET to final POST.

Author:  TFBW [ Mon Feb 19, 2007 6:29 am ]
Post subject:  Shame on Commtouch Software Inc


Author:  TFBW [ Mon Mar 05, 2007 9:44 pm ]
Post subject: 


Author:  steamedpenguin [ Wed Mar 28, 2007 5:21 pm ]
Post subject:  Implementing your JavaScript hack against trackback spammers


Author:  TFBW [ Thu Mar 29, 2007 1:03 am ]
Post subject: 


Author:  steamedpenguin [ Thu Mar 29, 2007 3:30 am ]
Post subject:  So far so good


Author:  Guest [ Fri Mar 30, 2007 5:19 pm ]
Post subject: 


Page 2 of 3 All times are UTC
Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group
http://www.phpbb.com/