nanog mailing list archives
Re: IP Delegations for Forum Spammers and Invalid Whois info
From: Gadi Evron <ge () linuxbox org>
Date: Mon, 3 Jul 2006 03:07:33 -0500 (CDT)
This is a known problem with known solutions. There are RBL's, bayesian
filters, behaviour filters, and what not.
For a phpbb forum I'd suggest a captcha, although that's extremely
annoying.
This is becoming the next (last) spamvertising medium and Google poisoning
medium. I and others spend hours on this issue every day. We even have a
mailing list for this.
Good luck,
Gadi.
On Mon, 3 Jul 2006, Mark Foster wrote:
I assume the ongoing problems that forum administrators have with people randomly signing up to forums - even closed ones requiring admin approval for all accounts - for the purpose of spamming their web urls around the place is an old one. I run such a forum and have started implementing /16 level bans to try to slow them down. Obviously not the best solution. The forum in question is phpBB (I know - whos isn't) and i'm yet to have time to actually start digging into whether there are better ways of responding to this issue. (Volume isnt prohibitive - yet.) In the most recent case the IP address space that the website concerned points back to is in the Ukraine and the listed abuse contact is on a domain which is canned due to invalid contact details provided. My question then is - what happens now? The IP address space is essentially 'untraceable' except perhaps through bandwidth-supplier-agreements or somesuch. Shouldn't IP's with similarly invalid contact details be 'suspended' after being given opportunity to provide updated, correct details? The IP range in question is 195.225.176.0 - 195.225.179.255 and a snippet of the whois info provided is as follows: remarks: **************************************** remarks: * Abuse contacts: abuse () netcathost com * remarks: **************************************** person: Vsevolod Stetsinsky address: 01110, Ukraine, Kiev, 20Á, Solomenskaya street. room 206. phone: +38 050 6226676 e-mail: vs () netcathost com nic-hdl: VS1142-RIPE source: RIPE # Filtered Forgive the relative noobishness of the question, but I've not had to deal with this sort of situation before. Should I be forwarding to RIPE?
Current thread:
- IP Delegations for Forum Spammers and Invalid Whois info Mark Foster (Jul 02)
- Re: IP Delegations for Forum Spammers and Invalid Whois info Simon Waters (Jul 03)
- Re: IP Delegations for Forum Spammers and Invalid Whois info Phil Rosenthal (Jul 03)
- Re: IP Delegations for Forum Spammers and Invalid Whois info Simon Waters (Jul 05)
- Re: IP Delegations for Forum Spammers and Invalid Whois info Phil Rosenthal (Jul 03)
- Re: IP Delegations for Forum Spammers and Invalid Whois info Gadi Evron (Jul 03)
- Re: IP Delegations for Forum Spammers and Invalid Whois info Simon Waters (Jul 03)