June 18, 2014 at 2:34 pm
Spammers have clearly developed a mechanism to beat the "click on this email we send you" mechanism SSC.com uses to keep out junk posters. Something else is needed. I don't know what the answer is (captcha is only one I know of, but that is likely a for-fee thing), but continuing the course is a losing proposition.
Best,
Kevin G. Boles
SQL Server Consultant
SQL MVP 2007-2012
TheSQLGuru on googles mail service
June 18, 2014 at 2:58 pm
TheSQLGuru (6/18/2014)
Spammers have clearly developed a mechanism to beat the "click on this email we send you" mechanism SSC.com uses to keep out junk posters. Something else is needed. I don't know what the answer is (captcha is only one I know of, but that is likely a for-fee thing), but continuing the course is a losing proposition.
Not sure it is because they get around that. It seems the spammers are all using the same login over and over until they get booted. Captcha would be good for new accounts and there are lots of free ones out there. It has really been out of control the last few days thanks to the World Cup.
_______________________________________________________________
Need help? Help us help you.
Read the article at http://www.sqlservercentral.com/articles/Best+Practices/61537/ for best practices on asking questions.
Need to split a string? Try Jeff Modens splitter http://www.sqlservercentral.com/articles/Tally+Table/72993/.
Cross Tabs and Pivots, Part 1 – Converting Rows to Columns - http://www.sqlservercentral.com/articles/T-SQL/63681/
Cross Tabs and Pivots, Part 2 - Dynamic Cross Tabs - http://www.sqlservercentral.com/articles/Crosstab/65048/
Understanding and Using APPLY (Part 1) - http://www.sqlservercentral.com/articles/APPLY/69953/
Understanding and Using APPLY (Part 2) - http://www.sqlservercentral.com/articles/APPLY/69954/
June 18, 2014 at 3:01 pm
Just before the spam started, I noticed some pages had a compromised php page on them. SSC was trying to download it to my system. The virus scanner kicked off alerts about it. I am betting the spammers are in because of a compromise and they may be exploiting it to their benefit.
Jason...AKA CirqueDeSQLeil
_______________________________________________
I have given a name to my pain...MCM SQL Server, MVP
SQL RNNR
Posting Performance Based Questions - Gail Shaw[/url]
Learn Extended Events
June 19, 2014 at 4:10 am
About the Spam messages which have been flooding the forums -we're aware of the problem and are working to clear the posts as quickly as possible. I know they're annoying, and frankly, they're ruining the world cup for me a little, but we're doing our best. The posts looks to be submitted manually (not scripted) so we don't believe something like captcha would make a difference.
We'd ask that you continue to flag the spam as soon as you see it, we'll clear it as soon as possible while we also work on a more comprehensive fix.
Melanie
SQLServerCentral Team
June 19, 2014 at 4:18 am
melanie.townsend (6/19/2014)
About the Spam messages which have been flooding the forums -we're aware of the problem and are working to clear the posts as quickly as possible. I know they're annoying, and frankly, they're ruining the world cup for me a little, but we're doing our best. The posts looks to be submitted manually (not scripted) so we don't believe something like captcha would make a difference.We'd ask that you continue to flag the spam as soon as you see it, we'll clear it as soon as possible while we also work on a more comprehensive fix.
Melanie
SQLServerCentral Team
Thanks for the update and the effort!
Need an answer? No, you need a question
My blog at https://sqlkover.com.
MCSE Business Intelligence - Microsoft Data Platform MVP
June 19, 2014 at 6:02 am
melanie.townsend (6/19/2014)
About the Spam messages which have been flooding the forums -we're aware of the problem and are working to clear the posts as quickly as possible. I know they're annoying, and frankly, they're ruining the world cup for me a little, but we're doing our best. The posts looks to be submitted manually (not scripted) so we don't believe something like captcha would make a difference.We'd ask that you continue to flag the spam as soon as you see it, we'll clear it as soon as possible while we also work on a more comprehensive fix.
Melanie
SQLServerCentral Team
Thank you, Melanie. It's good to know it's something is being done to stop it. I see they've spread from soccer to now include other TV programs. I wonder if spammers know just how much they're disliked. Sigh.
June 19, 2014 at 6:07 am
Ed Wagner (6/19/2014)
melanie.townsend (6/19/2014)
About the Spam messages which have been flooding the forums -we're aware of the problem and are working to clear the posts as quickly as possible. I know they're annoying, and frankly, they're ruining the world cup for me a little, but we're doing our best. The posts looks to be submitted manually (not scripted) so we don't believe something like captcha would make a difference.We'd ask that you continue to flag the spam as soon as you see it, we'll clear it as soon as possible while we also work on a more comprehensive fix.
Melanie
SQLServerCentral Team
Thank you, Melanie. It's good to know it's something is being done to stop it. I see they've spread from soccer to now include other TV programs. I wonder if spammers know just how much they're disliked. Sigh.
And really, soccor in IT forum? Talk about bad product placement.
Need an answer? No, you need a question
My blog at https://sqlkover.com.
MCSE Business Intelligence - Microsoft Data Platform MVP
June 19, 2014 at 7:27 am
The posts looks to be submitted manually (not scripted) so we don't believe something like captcha would make a difference.
1) I am curious how you can know that. It is my understanding that pretty much any http action can be automated. That is why Captcha helps - you can't automate the visual recognition phase those systems inject into the process (yet).
2) I still think it is better to stop users from creating new logins as a mechanism to stop this form of attack. Well, unless the spammers have banked up a bunch of logins in the past that they will just activate each time you cut off a currently used one.
Best,
Kevin G. Boles
SQL Server Consultant
SQL MVP 2007-2012
TheSQLGuru on googles mail service
June 19, 2014 at 7:29 am
TheSQLGuru (6/19/2014)
I still think it is better to stop users from creating new logins as a mechanism to stop this form of attack. Well, unless the spammers have banked up a bunch of logins in the past that they will just activate each time you cut off a currently used one.
Agreed, but then again, I can't see what they see. 😉
June 19, 2014 at 9:28 am
Hi guys,
I appreciate the interest in trying to fix the problem and block the spammers, trust me, we want to get rid of them just as much as you do. Our small band of admins would rather not have to check the website at midnight to clear out spam so it doesn’t wind up in the newsletter!
Please know that we are working on it, we aren’t going to stop people from signing up to the site and the forums, but we have added a way to properly ban forum users (the spammers were able to get around our defences initially). So, things are moving forward slowly but surely, and I have a lot of confidence in our developers who are well aware that this is a big problem.
If you can just keep doing what you’re doing, report the spam when you see it, we’d really appreciate it.
Melanie
June 19, 2014 at 9:40 am
Thanks Melanie. I imagine it is painful when this amount of spam infiltrates.
_______________________________________________________________
Need help? Help us help you.
Read the article at http://www.sqlservercentral.com/articles/Best+Practices/61537/ for best practices on asking questions.
Need to split a string? Try Jeff Modens splitter http://www.sqlservercentral.com/articles/Tally+Table/72993/.
Cross Tabs and Pivots, Part 1 – Converting Rows to Columns - http://www.sqlservercentral.com/articles/T-SQL/63681/
Cross Tabs and Pivots, Part 2 - Dynamic Cross Tabs - http://www.sqlservercentral.com/articles/Crosstab/65048/
Understanding and Using APPLY (Part 1) - http://www.sqlservercentral.com/articles/APPLY/69953/
Understanding and Using APPLY (Part 2) - http://www.sqlservercentral.com/articles/APPLY/69954/
June 19, 2014 at 10:05 am
, we aren’t going to stop people from signing up to the site and the forums,
Then you are trying to solve this problem with one of the most effective and simple solutions available. No matter how complex the logic you build to prevent/automatically delete unwanted spam posts you are essentially GUARANTEED to a) miss some fraction of unwanted posts and b) delete some fraction of false-positive valid posts.
I wish you all the luck with whatever approach(es) you wind up taking, but it seems to me that you are constraining yourselves to REACTING instead of being PROACTIVE. Putting a simple, easy verification in front of each new user is a TRIVIAL amount of effort for each new user to take care of while providing benefits for ALL of us, including your staff that currently have to wade through the posts each day to remove unwanted ones. It seems intuitive that such systems are effective given how many sites have moved to implement such initiatives.
UPDATE: I read the post to say "not going to stop UNWANTED people from signing up" - i.e. a better form of new-user verification than is currently being used.
Best,
Kevin G. Boles
SQL Server Consultant
SQL MVP 2007-2012
TheSQLGuru on googles mail service
August 19, 2014 at 1:05 pm
I've got to say, the amount of spam posts is making the site nearly unusable for me;
I used to be a more prolific poster, but it's just too discouraging to sift through the "real" posts sometimes, and i shrug my shoulders and spend less time here than I used to.
I would suggest adding a quick feature to delete posts for users in a certain access group,and to recruit some of the more active posters here to help police and prune the posts until a better solution is created.
Lowell
August 19, 2014 at 3:21 pm
Just some ideas:
Limit the number of forum posts to one or two per day, especially new topics, for a while, say a couple of weeks, after they sign up.
Automatically flag any posting by a new member that has a URL in it.
Automatically flag any posting by a new member that has certain key words in it, like "soccer" or "TV", especially in the title.
Limit new users from posting more than a couple of posts per day until they can successfully answer a number of randomly selected Questions of the Day.
August 19, 2014 at 3:29 pm
Michael Valentine Jones (8/19/2014)
Just some ideas:Limit the number of forum posts to one or two per day, especially new topics, for a while, say a couple of weeks, after they sign up.
Automatically flag any posting by a new member that has a URL in it.
Automatically flag any posting by a new member that has certain key words in it, like "soccer" or "TV", especially in the title.
Limit new users from posting more than a couple of posts per day until they can successfully answer a number of randomly selected Questions of the Day.
One of the problems with this logic is that if spammers can't create new posts, they'll post their spam in existing posts. This might be worse.
For best practices on asking questions, please read the following article: Forum Etiquette: How to post data/code on a forum to get the best help[/url]
Viewing 15 posts - 1 through 15 (of 34 total)
You must be logged in to reply to this topic. Login to reply