Spam

Another spambot/spammer is attacking BLF. They can be pretty annoying. So that people later will know what I am talking about, this post is all over our forum at the time of this writing:

EDIT: I just broke all of the links. Every part in bold was a link to their website.

Looks more like a manual cut'n'paste attack to me? I could write a better spambot than THAT.

I think you're right. And now it looks like they quit. They spammed 18 threads with a total of 23 posts over a 14 minute period.

I don't know how to distinguish the spam? anybody can tell me.

Check out this thread to learn more about SPAM:

https://budgetlightforum.com/t/-/3588

How about banning chenee ?

Cheneeee joined yesterday and had 57 posts already. He's trying to sell Coach bags in a budget flashlight forum. What is he thinking?

i guess he`s thinking he can sell us some of his coach bags... ;)

wiseguy lol!

Is this how CPF began the journey to the darkside? Idiots spamming and CPF trying to come up with ways to stop it. I hope we are able to kill the spam without losing the community feeling we have here.

Hmm. Next step would be to create a technical solution to prevent spam from being accepted.

For instance, generate a hash of each message over some minimum length (so :P messages don't trigger). Then just keep these hash signatures in memory for a few hours (to keep the collision checking quick) and dump any new messages that collide.

You could defeat this by changing a single letter of the comment, yes, but it would defeat pure cut/paste attacks.

Ughhhh, Cheneee is gone now with all of his bags. Sorry for the inconvenience!

I'm glad you finally "bagged" him lol

What is a coach bag anyway?

Good idea! There are implementations of algorithms that are designed to find near-matches (such as simhash and probably lots more, considering that there's a lot of interest in academia). Simhash, in particular, is actually pretty fast, relatively speaking of course.

Also, while we're talking site issues, I thought I'd bring up this thread. NeoGeo discovered that a blf.cc.cz link in an old post of mine now points to a domain squatter site. NoScript and a custom filter list actually blocked the redirection attempt in FF but when I opened the site in IE (in a separate sandbox), it redirected to a spam site. I suspect this affects all old links that point to blf.cc.cz (ie. the old site). Is there any way to re-write old links in the database so that they point to the new site? Getting the old subdomain back would obviously be easier, but I suspect the spammers won't be too happy to give it up and cc.cz is notorious for ignoring abuse cases.

It's a device that guarantees sex for a husband.

Am I the only one who finds this extremely funny? Location HK, number of posts 2 and asking about spam. Has there ever been a legitimate poster from KN or anywhere in China who mentioned apam or any website in their first couple of posts? :slight_smile:



So we have a spammer asking about spam :slight_smile: The usual disclaimers apply of course…if I’m wrong I apologize! It’s funny nevertheless!

He/she/it is not trying to sell anything here. This kind of spam is about getting better search result rankings. Google used to rank results for a given search term by the number of external pages containing that term and linking to the site. I don't know if this is still the way Google works, but the spammer is clearly trying to manipulate search engines. It's not important if he pisses of the users and gets banned, as long as there is a chance of Google's crawler stopping by before his posts get deleted.

Before I discovered my love for spandex, living in a cave and fighting crime, I was running networks to pay the bills. Part of my responsibilities was fighting spam and this was way before everybody would just outsource spam fighting. It was a cat and mouse game and we were losing. So, I turn to a friend of mine for advice and he tells me to think big. Not understanding, I ask what he means and he tells me to go ahead and blackhole all of China, Russia and a dozen other countries. As in flat out block all traffic to port 25 (and later outright rejecting any traffic) from those countries, period.

Now, if you've ever talked to a politician you know how I felt: add a billion here and a billion there, and all of a sudden, you're talking about a fairly large number. ;)

Turns out his logic was sound. There were no overseas customers and a huge chunk of all spam and hacking attempts were coming from China and Russia. As far as extreme measures go, this was a bit much for me but I have to admit it was very effective and it did buy us some time.

It also turned out I was right. Tatamall and lao…something didn’t really spam immediately but tonight they both started promoting as it turns out…www.tatamall.com.



I agree. Block all of China and we won’t lose any real members.