Spammers on Forumosa

tmwc · January 29, 2007, 9:41am

Why not combine it with that blufr thingy? You can’t post unless you know who the first Guatemalan to bat 100 in the world cup was!

AAF · January 29, 2007, 11:58am

Touch-sensitive pads that read fingerprints and blood-flow.

Jaboney · February 4, 2007, 8:45am

More sex bots. Come on… some fix has to be available.

Dragonbones · February 4, 2007, 9:54am

What if newly registered users had a limit of 2 posts in the first 24 hours? Would that help catch it?

Jaboney · February 4, 2007, 9:58am

Wouldn’t help much for anyone signing up–or smurfing for privacy reasons–with urgent concerns.

Belgian_Pie · February 4, 2007, 10:31am

I think it’s pretty annoying … the last one I cought/reported to the admins yesterday spammed in a zillion threads …

MC1 · February 4, 2007, 4:41pm

Is there a “report user” function, like squeal ignore and quote, to be found on these boards? Some spammer under the name of ‘Encetard61’ is at it again (yes I am aware I could PM a mod but something like a report button would be easier :p)

I still think the suggestion I made earlier in this thread should defeat the purpose for spammers to spam here.

Dragonbones · February 4, 2007, 5:12pm

Thanks MC for your input, and your PM to me just now as well. Yes, you can hit SQUEAL (look to the upper right corner of the post in question), which functions as the report button you refer to to notify the admins – they are the only ones currently with the power to wipe out all the spammer’s posts, board-wide, and to ban the bastard as well. Mods can kill the posts which fall within their own individual fora only.

maoman · February 4, 2007, 5:17pm

I’ve just created a team of “supermods” - moderators with double “O” status in all the forums. They’re licensed to kill! Go get those spam-bots!

Dragonbones · February 4, 2007, 5:23pm

Got 'em !

Jaboney · February 4, 2007, 5:43pm

Got Joder?

redwagon · February 4, 2007, 6:05pm

[quote=“Jaboney”]Got Joder?[/quote]Not anymore I don’t

putting Walther PPK back into shoulder holster

MC1 · February 4, 2007, 8:34pm

I’ve been brainstorming a bit about how to stop the flood of spam as of late, and came up with two more feasible idea’s:

-Restrict posting rights of new users so they can only post in temp forum until some conditions, like post count or minimum amount of time registered ,are met and the new user can then request a mod for granting him/her posting privileges to the rest of the forum.
-When signing up for a new account no free mail providers will be accepted (like Hotmail GMail Yahoo ect.) The big idea behind this restriction is that the spammer will eventually run out of mail addresses to use (unless he has a mail server of his own but this is easily fixed by blacklisting his domain) For this to work the email addresses used to register the account with should be kept in the database when spammer user accounts are being deleted. (this one should be fairly simple to implement)

Edit: I just read the opening post of this thread (at some point this topic has been merged).

Well I dunno much about Taiwanese legislation but I doubt it though, if this person is spamming with a non-spoofed IP address a f.com admin could look up this wankers ISP and file a complaint and keep your fingers crossed because it heavily depends on what policies that ISP have on spamming. Some ISP’s, here in The Netherlands, take it very seriously and cut off the spammers internet while others don’t give sh*t… I just realized we can also file a bunch of complaints to the provider hosting the spammers website and again it’s all up to the provider.

Edit2: You mods been too thorough, I can’t even find one spam url anymore to do a whois on :raspberry:

MC1 · February 4, 2007, 8:47pm

Thanks MC for your input, and your PM to me just now as well. Yes, you can hit SQUEAL (look to the upper right corner of the post in question), which functions as the report button you refer to to notify the admins – they are the only ones currently with the power to wipe out all the spammer’s posts, board-wide, and to ban the bastard as well. Mods can kill the posts which fall within their own individual fora only.[/quote]

Ah… right! I was already wondering what the difference was between squeal and ignore but that was because I kept misreading squeal as squelch :homer: doh

MC1 · February 5, 2007, 12:04am

Ha! Finally got one, the domain name is registered to this sucker:

[quote]Domain ID:D15520030-LRMS
Domain Name:PARIS-HILTON-SUCKING.INFO
Created On:01-Dec-2006 17:18:50 UTC
Last Updated On:01-Feb-2007 04:33:07 UTC
Expiration Date:01-Dec-2007 17:18:50 UTC
Sponsoring Registrar:EstDomains, Inc. (R295-LRMS)
Status:OK
Registrant ID:DI_4886569
Registrant Name:[color=red]Jilli Senders[/color]
Registrant Organization:N/A
Registrant Street1:101 Chausse de Wavre
Registrant Street2:
Registrant Street3:
Registrant City:Brussels
Registrant State/Province:Namur
Registrant Postal Code:B-5101
Registrant Country:BE
Registrant Phone:+32.010434661
Registrant Phone Ext.:
Registrant FAX:
Registrant FAX Ext.:
Registrant Email: hks666@gmail.com
Admin ID:DI_4886569
Admin Name:Jilli Senders
Admin Organization:N/A
Admin Street1:101 Chausse de Wavre
Admin Street2:
Admin Street3:
Admin City:Brussels
Admin State/Province:Namur
Admin Postal Code:B-5101
Admin Country:BE
Admin Phone:+32.010434661
Admin Phone Ext.:
Admin FAX:
Admin FAX Ext.:
Admin Email: hks666@gmail.com
Billing ID:DI_4886569
Billing Name:Jilli Senders
Billing Organization:N/A
Billing Street1:101 Chausse de Wavre
Billing Street2:
Billing Street3:
Billing City:Brussels
Billing State/Province:Namur
Billing Postal Code:B-5101
Billing Country:BE
Billing Phone:+32.010434661
Billing Phone Ext.:
Billing FAX:
Billing FAX Ext.:
Billing Email: hks666@gmail.com
Tech ID:DI_4886569
Tech Name:Jilli Senders
Tech Organization:N/A
Tech Street1:101 Chausse de Wavre
Tech Street2:
Tech Street3:
Tech City:Brussels
Tech State/Province:Namur
Tech Postal Code:B-5101
Tech Country:BE
Tech Phone:+32.010434661
Tech Phone Ext.:
Tech FAX:
Tech FAX Ext.:
Tech Email: hks666@gmail.com
Name Server:NS1.GETNEWIMAGE.COM
Name Server:NS2.GETNEWIMAGE.COM[/quote]

And it’s hosted on this IP address 58.65.233.145 by provider HostFresh in Hong Kong so it seems:

inetnum: 58.65.232.0 - 58.65.239.255
netname: HOSTFRESH
descr: HostFresh
descr: Internet Service Provider
country: HK
admin-c: PL466-AP
tech-c: PL466-AP
status: ALLOCATED PORTABLE
mnt-by: APNIC-HM
mnt-lower: MAINT-HK-HOSTFRESH
mnt-routes: MAINT-HK-HOSTFRESH
remarks: Please send Spam & Abuse report to
remarks: abuse@hostfresh.com
remarks: -±±±±±±±±±±±+±±±±±±±±±±±±±±+
remarks: This object can only be updated by APNIC hostmasters.
remarks: To update this object, please contact APNIC
remarks: hostmasters and include your organisation’s account
remarks: name in the subject line.
remarks: -±±±±±±±±±±±+±±±±±±±±±±±±±±+
changed: hm-changed@apnic.net 20060612
changed: hm-changed@apnic.net 20060613
changed: hm-changed@apnic.net 20061018
source: APNIC

person: Piu Lo
nic-hdl: PL466-AP
e-mail: ipadmin@hostfresh.com
address: No. 500, Post Office, Tuen Mun, N.T., Hong Kong
phone: +852-65223388
fax-no: +852-65223388
country: HK
changed: eric@hostfresh.com 20060427
mnt-by: MAINT-NEW
source: APNIC

Edit:
At one of the many sexually suggestive urls, which are being spammed on this forum, like: http:// paris-hilton-sucking.info / blog / news / 52919
Once you visit that page the website will prompt you to download a new ‘videocodec’ called accessvid1163.exe which is in fact a trojan called Trojan.Win32.DNSChanger.hk viruslist.com/en/viruses/enc … sid=146019
I still have the as evidence trojan, safely compressed in rar format to prevent accidents, in case the spammer takes the website down anytime soon. PM me if you need it. Anyway I gathered all the info and as you can see it’s against the hosting providers acceptable use policy down below, whats left now is for someone to compile this into a formal complaint and send it to abuse@hostfresh.com. It’s 01:47 in the morning here so Im off to bed.

From Acceptable Use Policy on the HostFresh website

Illegal Activities
Distributing or delivering unlawful activities included, but not limited to illegal drugs, illegal gambling, obscene materials or any products or services that are prohibited under applicable legislation.

Forging of any TCP-IP packet header or any part of the header information in an email or a newsgroup posting. Posting, transmitting, or allowing Internet access to information the customer desires to keep confidential.

[color=red]Distributing information related to the creation of and sending Internet viruses, worms, Trojan horses, pinging or denial of service attacks.
[/color]
Using or sharing IP addresses , which were not assigned to them by HostFresh. Any server found using unofficially assigned IPs will be suspended from network access until IP overlap be corrected.

Other unlawful activities included, but not limited to advertising, transmitting or making available pyramid schemes, fraudulently charging credit cards, and pirating software.

jdsmith · February 5, 2007, 12:11am

Cruise missiles are on the way.

MC1 · February 5, 2007, 1:10am

So you nuking Brussels huh? Ceevee won’t be too happy about that :Europe:

Chris · February 5, 2007, 1:15am

I oppose the death penalty, but I’d gladly make an exception for spammers. Especially if the punishment is cruel and unusual.

Belgian_Pie · February 5, 2007, 2:13am

The info is wrong … jilly Senders? that’s not a real name … Brussels is in province de Namur? Doubt that, Brussels city is an autonumous region, and is in Brabant province … postal code is not that of Brussels … phone number is not registered …

myury · February 5, 2007, 2:49am

Silli Jenders?