nukeSEO.com - PHPNuke SEO Search engine optimization, professional tools including nukeSEO, nukeSPAM, nukeFEED, nukePIE, nukeWYSIWYG and more

 

. Welcome to nukeSEO.com  ! 
.
.
.

Tag This



.
. . .
 Analysis of Blocked Registrations Identifies nukeSPAM(tm) Improvements 
.
.
nukeSPAM (tm)

An analysis of nukeSPAM™ data after a significant increase in blocked registrations on another site yielded some interesting results:

  • Free and throwaway email accounts continue to top the list of spammers (and the site's blocked domain list has been significantly increased)
  • Spammers continue to spoof IP addresses (no surprise)
  • Gmail spammers insert random periods in the user name to enable one account to be used even after the primary email address is blocked

The screenshot of actual nukeSPAM™ data below shows the last 2 points (non-Gmail accounts - the first point - was filtered to highlight these points).  Read more for some ideas on how to prevent this with modifications to nukeSPAM™ and to RNYA.

Gmail Spammer

 

Solutions

The fastest solution for blocking many spam registration using RavenNuke™ is to add the domain to the blocked domains list in the RNYA administration Limits function.  Note that this may require subdomains and additional domain suffixes as blocking yahoo.com won't block yahoo.com.hk and blocking lucow.pl won't block als.lucow.pl .  A shared / subscription list of blocked domains (with the ability to whitelist domains you want to let through) might be useful if it has the ability to real-time checking and / or periodic mass updates (this could also be a nukeSPAM™ enhancement).

nukeSPAM™ can block most spammer registrations is configured correctly.  But 2 enhancements could help nukeSPAM™ block spammers before investing more significant resources by checking external databases of know spammers:

  1. Count the number of periods in the user portion of the email address (i.e. before @) for Gmail addresses (and maybe others).  As you can see by the data, spammers are taking advantage of Gmail's ability to consolidate addresses that only differ by the use of periods.  An @ gmail.com address with more than 1 or 2 periods in the user is most likely a spammer.
  2. Store Gmail addresses without periods in the user portion in the nukeSPAM™ database.  This is the equivalent of ignoring periods for Gmail addresses when blocking, just as Gmail does when it receives email.

The major databases that check email addresses (i.e. BotScout, fSpamList, and StopForumSpam) could also implement this consolidation, if they have not already done so, to reduce the success of using Gmail to spam,.

Post a reply in the nukeSPAM™ forum with your comments and suggestions on these possible solutions.

 



 
.
. Posted on Monday, December 29, 2014 @ 20:29:06 UTC by kguske   .
.
 
click Related        click Rate This        click Share

Analysis of Blocked Registrations Identifies nukeSPAM(tm) Improvements | Login/Create an Account | 0 comments
The comments are owned by the poster. We aren't responsible for their content.

No Comments Allowed for Anonymous, please register



Page Generation: 0.07 Seconds