Danbooru

Read the rules before proceeding!

Topic: Spam Bot

Posted under General

Unbreakable

Just give them a negative that says they are a spambot and they will be banned when an admin/moderator sees it.

  • ID: 135926
  • Permalink
  • BrokenEagle98

    Pretty soon, spam accounts (Member-level only) may be autobanned if they meet certain credentials.

  • ID: 135928
  • Permalink
  • iridescent slime

    Unbreakable said:

    Just give them a negative that says they are a spambot and they will be banned when an admin/moderator sees it.

    Look at the user listing and you will see that there are dozens of bot accounts presently signing up every hour, all of them following the same username pattern of a girls' name followed by a random number. The moderators can't be expected to keep up at this rate.

    How long will it take before the situation requires requires a captcha or similar solution to mitigate spambot activity?

  • ID: 135929
  • Permalink
  • Mikaeri

    ^

    It's really getting out of hand. Bout time this site got with the times regarding user authenticity.

  • ID: 135930
  • Permalink
  • BrokenEagle98

    iridescent_slime said:

    How long will it take before the situation requires requires a captcha or similar solution to mitigate spambot activity?

    Well, a few measures have already been enacted to mitigate this issue...

    • Use of Akismet for spam detection
    • Limit account creation to one per IP address per day

    This is all a process of balancing security versus ease of use. We don't want to up the security too much and potentially turn away users new or old, nor do we want to just let these malicious users run nilly willy. It's all a balance act.

  • ID: 135931
  • Permalink
  • NWF Renim

    From what I currently see this spambot is running at least three active accounts at the same time. It transmits about 100 dmails per account before creating a new account. It generally cycles to a new IP address each time, resulting in nearly each account having it's own unique IP address tied to it.

    I'm estimating it's already created about 1200 accounts and started within the last 24 hours.

  • ID: 135933
  • Permalink
  • Hillside Moose

    NWF_Renim said:

    From what I currently see this spambot is running at least three active accounts at the same time. It transmits about 100 dmails per account before creating a new account. It generally cycles to a new IP address each time, resulting in nearly each account having it's own unique IP address tied to it.

    I'm estimating it's already created about 1200 accounts and started within the last 24 hours.

    Albert's current solution is to limit one new account, per IP address, per day, which is useless if every account has its own IP address. A CAPTCHA for the sign-up page would largely fix this problem.

  • ID: 135934
  • Permalink
  • Unbreakable

    iridescent_slime said:

    Look at the user listing and you will see that there are dozens of bot accounts presently signing up every hour, all of them following the same username pattern of a girls' name followed by a random number. The moderators can't be expected to keep up at this rate.

    How long will it take before the situation requires requires a captcha or similar solution to mitigate spambot activity?

    Yeah I've seen it, giving them a negative only works so far but it may be better than nothing.

  • ID: 135935
  • Permalink
  • Chucu

    I searched for this thread as soon as the Dmail notification finally displayed the message. Some blatant spam (user #530916 just in case). At first I thought the notification to be a bug, as the new message was nowhere to be seen in my inbox.
    Could this delay be a separate issue or did the spam get so bad that new mail arrives at least twenty minutes after its notification?

  • ID: 135936
  • Permalink
  • Unbreakable

    Chucu said:

    I searched for this thread as soon as the Dmail notification finally displayed the message. Some blatant spam (user #530916 just in case). At first I thought the notification to be a bug, as the new message was nowhere to be seen in my inbox.
    Could this delay be a separate issue or did the spam get so bad that new mail arrives at least twenty minutes after its notification?

    There is a separate spam folder in your inbox you can access from the second top bar when in your inbox.

  • ID: 135937
  • Permalink
  • Chucu

    Unbreakable said:

    There is a separate spam folder in your inbox you can access from the second top bar when in your inbox.

    Just visited it. Sorry, didn't quite see it in the mobile version.

    Is this spam event bigger than those from past years?

  • ID: 135938
  • Permalink
  • Unbreakable

    I have never seen a spam event this big during my years on Danbooru, this is a rather extreme case.

  • ID: 135939
  • Permalink
  • tapnek

    This is Indian scammer levels of spam. A captcha is sorely needed for the sign up process.

  • ID: 135957
  • Permalink
  • Chiera

    Jup, agree.
    Registration is way to easy to exploid. Captcha or similar would probably help.

  • ID: 135961
  • Permalink
  • SoulEvansEater

    A lot of people have been suggesting a captcha, but they aren't nearly as effective as people think. They're frequently farmed out to sweatshops in third world countries to complete en-masse. If an attacker really wanted to register accounts, it would cost them a little money, but would be trivial to do.

  • ID: 135976
  • Permalink