Hi everyone,
Over the past 10 days,
we've been getting "attacked" by spammers (spam bots?) that
are registering spam accounts with emails in various *.ru
domains. (I guess we had been lucky enough to stay under their
radar so far) The account name (in Russian) translates to
various click baity links. I've been banning/renaming those by
hand, but we're getting close to a hundred such accounts in
that short period of time, and I'd rather spend my time on
something more productive. I activated the spam protection
measures in config, but after a few days, I must say they
don't seem very effective. Probably because the UserSpamScorer
class seems to search for signs of spam in English, so
cyrillic spam might be getting through?
Is there any way to completely ban signups from certain email domains?
Is there a way I could add a list of words in config to block account names that include "congrats" in Russian or others that I've seen? "https://" in the username should also be a clear spam sign :)
Thanks for any suggestions!
Laurent for madada.fr
--
You received this message because you are subscribed to the Google Groups "Alaveteli Dev" group.
To unsubscribe from this group and stop receiving emails from it, send an email to alaveteli-de...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/alaveteli-dev/daf3c8aa-0b7b-8a1b-8a5e-997069838cb7%40gmail.com.
Hi everyone,
Thanks all for your replies. I'm conscious that what we have here is pretty small scale, but I'd rather act before we're completely swamped.
Last week, some emails started getting blocked by microsoft, which is worrysome considering how prevalent their mail service is in the (French?) administration. While I don't think it's directly related to the spam accounts, it served as a good reminder that our site can be rendered useless quite easily.
I believe our attack was human as well, the delay between account creations was too long to be bots. I banned the accounts and renamed them to "<spammer>" and after a few days of this dance, it seems to have stopped. The "about me" field was not used in this case.
Gareth, I'll try the various options you suggested and report back.
Thanks again,
Laurent
I believe our attack was human as well, the delay between account creations was too long to be bots. I banned the accounts and renamed them to "<spammer>" and after a few days of this dance, it seems to have stopped. The "about me" field was not used in this case.
Oh, this reminds me of another observation.