Monday, February 12, 2007

In And Out

For several months, Indonesian Linux Forum has been freed from Spammers after the last incident back in October 2006 when the spammers post about 1600-1800 post before finally they were deleted directly from the database and put more protection on it. But recently, there were a few spammers who can break through the CAPTCHA protection provided by phpBB.

I don't know whether they are human or not, but they managed to register it successfully and start sending a 'polite' spam just like what hit Alex's blog and then after few days, they changed their post to their real message (spams) and selling common things that usually being sold by spammers, such as Viagra or Pills/Drugs. Actually i already kindda suspicious when they posted one message on the forum, but since it's not related to any spam, i just ignored them, and several days later, they changed them and my instinct was correct. They were spammers.

Even though it's not as bad as what we had in 2006, it's very annoying and more task to do (deleting post, users, and perhaps banning them). Actually there's an option in the phpBB Administration Panel to configure the registration method whether it will be via email (user has to confirm via email sent by phpBB) or via admin (admin have to approve before the user is activated). Usually, most phpBB installation will use email as the preferred method, since the administrator does not have to confirm each time there's a new user registered, but it's also prone to spammers, as most spammers can try to simulate the registration process and reply the email sent to the email address.

In order to prevent spams, it's possible to change that method to admin, but do we have time to acknowledge all request that's coming to us? Currently, i don't have that, so i didn't activate that methods for now, but when the spammers are hitting us again in the future and i do have that time, perhaps we can activate that kind of protection. I may have to ask Ronny Haryanto first before activating this method as i'm only helping him maintaining the forum.

For now, let's just wait and see the spammers keeps coming in and out...