[Nms-cgi-devel] Re: [Nms-cgi-support] NMS WWWBoard Spam problems.

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 422-6466

On Wed, 2004-10-13 at 09:48, Mark Young wrote:
> These are the IP's that posted spam last night.
>  
> 216.83.96.37
> 212.165.158.100
> 12.215.220.247

Okay,
We will have made a new release of wwwboard on friday morning.  This
will include some new anti-abuse measures that you may find useful:

	*  Use a banned words list defined in an external file

	*  Use a banned IP (or network) list defined in an external file

	*  Use DNS Block List to block known proxies and 'cracked' computers

These new features are relatively easy to configure and are described in
the README - we would hope that the documentation is clear but
appreciate any feedback that you may be able to offer in this regard. 
If you have any further questions please do not hesitate to contact us.

/J\
>  
> Regards
>  
> Mark.
> 
> Jonathan Stowe <jn...@ge...> wrote:
>         On Mon, 2004-10-11 at 15:44, Mark Young wrote:
>         > I've recently changed my WWWBoard from a MSA version to a
>         NMS version
>         > to stop spam. Unfortunately I am just starting to get spam
>         again.
>         > 
>         > Does anyone have any suggestions. I want to keep WWWBoard,
>         but dont
>         > want the problems.
>         
>         Unfortunately the 'spam' posts to your WWWBoard are
>         indistinguishable
>         from the legitimate ones to the program as it stands. The NMS
>         WWWBoard
>         is definitely more secure than the MSA one in asmuch as it
>         fills a
>         number of holes whereby a cracker could deface the site and/or
>         DoS the
>         server fairly simply with a small custom web client.
>         
>         The current development versions of NMS WWWBoard have a number
>         of
>         experimental features to block 'Spam' but they are quite a
>         long way from
>         release as it stands - you can always get the latest
>         development version
>         from:
>         
>         http://cvs.sourceforge.net/viewcvs.py/*checkout*/nms-cgi/wwwboard/wwwboard.pl
>         
>         If you have $show_poster_ip set to 1 it might be useful for
>         you to
>         record the IP addresses of the abusive posters - it is likely
>         that they
>         are otherwise blacklisted open proxies that are being
>         exploited by the
>         spammers: we have some code in the NMS TFmail that consults a
>         DNS based
>         block list to defeat these kinds of attacks - if you supply us
>         with some
>         of the IPs we can check if this will work for you.
>         
>         In the short-term you might want to simply change the name of
>         your
>         wwwboard.cgi as this will defeat the automated messages for a
>         while.
>         
>         In the longer term I think that we may create some
>         WWWBoard-like
>         functionality into TFMail (which despite its name already has
>         guestbook
>         like features ) which is our longer term development platform.
>         
>         /J\
>         -- 
>         
>         This e-mail is sponsored by http://www.integration-house.com/
>         
> 
> ______________________________________________________________________
> ALL-NEW Yahoo! Messenger - all new features - even more fun!
-- 

This e-mail is sponsored by http://www.integration-house.com/