Recent Posts

Thank you. I hadn't considered that possibility, but I would hope they have sufficient safeguards enabled to prevent that from happening.

Yeah, that could happen.

We can (and will) but if there are infected PCs there, it'll probably be back before long. If it does reappear, you might take that as a sign.

Thank you. I hadn't considered that possibility, but I would hope they have sufficient safeguards enabled to prevent that from happening.

We can (and will) but if there are infected PCs there, it'll probably be back before long. If it does reappear, you might take that as a sign.

IP 138.162.8.58 is a US Navy Military Post IP. Can you remove it from your database please.

IP 138.162.8.58 is a US Navy Military Post IP. Can you remove it from your database please.

It's a great idea with one flaw: allowing users to submit emails and IPs will sooner or later lead to abuse. That is, someone somewhere will either use it to screw with an adversary (by submitting their info) or spammers will make use of it to try and poison the database.

I know for a fact that this is happening on other services that allow users to submit spambot data. The databases are slowly but surely being seeded with fake data by malicious users and slow-but-steady spammers.

If you can think of a solution to this we'd be interested in hearing it. We have a couple in mind, but no firm solution yet.

Part of the problem is that like any real-time service, BotScout can only prevent bots and spammers that are already "known". Since new email addresses and IPs are easy to come by, there is no way to catch them all. I've noticed an uptick in human spammers, possibly because services like this one and others are becoming more effective.

I agree with you, but the whole point of my suggestion #1 was to counter this problem. Perhaps I expressed myself badly. Please allow me to hypothetically timeline the idea:
Day 1: Mr. Spambotter (Mr S) registers with, say, 100 forums during the night
Day 2: 50 forum owners see new registration but assume they're OK because Mr. S is not yet on the BotScout list
Day 3: Another 25 owners ditto
Day 4: Another 10 ditto, but the tenth one finds that the registration is from a spammer and advises you so that it can be listed.
 === At this point 84 forums have a registered spammer and only 1 is banned===
Days 7, 14, 21... (say) The member lists are scanned automatically and compared with the spammer list, so Mr S is detected in the 84 forums: this triggers Mr S's name being placed on the reserved names list, banned for at least name and e-mail address and then deleted (with SMF, the ban will remain, even when the spammer is deleted if the name is reserved).
=== Now, Mr S is banned forever on all 85 forums, plus the other 15 and he has disappeared from the members' lists!

Disadvantage: the (weekly, monthly?) scan will take some time for busy forums but could be scheduled for "after-hours"

Hope this explains it better!

Part of the problem is that like any real-time service, BotScout can only prevent bots and spammers that are already "known". Since new email addresses and IPs are easy to come by, there is no way to catch them all. I've noticed an uptick in human spammers, possibly because services like this one and others are becoming more effective.

I agree with you, but the whole point of my suggestion #1 was to counter this problem. Perhaps I expressed myself badly. Please allow me to hypothetically timeline the idea:
Day 1: Mr. Spambotter (Mr S) registers with, say, 100 forums during the night
Day 2: 50 forum owners see new registration but assume they're OK because Mr. S is not yet on the BotScout list
Day 3: Another 25 owners ditto
Day 4: Another 10 ditto, but the tenth one finds that the registration is from a spammer and advises you so that it can be listed.
 === At this point 84 forums have a registered spammer and only 1 is banned===
Days 7, 14, 21... (say) The member lists are scanned automatically and compared with the spammer list, so Mr S is detected in the 84 forums: this triggers Mr S's name being placed on the reserved names list, banned for at least name and e-mail address and then deleted (with SMF, the ban will remain, even when the spammer is deleted if the name is reserved).
=== Now, Mr S is banned forever on all 85 forums, plus the other 15 and he has disappeared from the members' lists!

Disadvantage: the (weekly, monthly?) scan will take some time for busy forums but could be scheduled for "after-hours"

Hope this explains it better!

I'm extremely swamped with work atm (even moreso now, lol, just lost ~24 hours having to drive my brother to the other end of the country (he's in the Navy, and his rental car didn't turn up)), but I'll try and throw something together when I get some time

Part of the problem is that like any real-time service, BotScout can only prevent bots and spammers that are already "known". Since new email addresses and IPs are easy to come by, there is no way to catch them all. I've noticed an uptick in human spammers, possibly because services like this one and others are becoming more effective.

As for the other suggestions, I think they all have some merit. Most of them would also generally be implemented on the target server, not necessarily on BotScout.

Regarding contact forms, you can use the general BotScout code package to screen bots and spammers just as you would with the SMF package, although you'd need to insert the code into your contact form.

For a number of reasons I doubt we'll ever produce an .EXE file. (For one, I personally don't code in executable formats.) If someone else wants to do this they're welcome to take a run at it.

Comments and suggestions from other users and/or team members are more than welcome.

I am totally flummoxed about what I should do. For some
considerable time I have been using BotScout for manually
checking for spam bots, in an SMF Forum. I did try to automate this
but it did not work.

I receive a number of new registrations on a daily basis and I would
guess that over 80% of them are of some nuisance value. Only about
one in 15 of these nuisance registrations comes up from your list as
a spam bot, checking ID, IP and e-mail address. The other 14 are
"users" who possibly never come back and they usually have
"spamming"-looking names, mostly with Hotmail or Gmail e-mail
addresses. Unless there is an obvious reason, such as some sexual
reference, I dare not assume that they are spam; they may very well
be genuine users, but there is no way of knowing in advance.

What I would like to see is a number of features which I do not
think appear, as yet:

1. The possibility to periodically (say, weekly) to scan the
existing member list: if it finds a name, IP number or e-mail
address that you have flagged, then it automatically will add bans
to the name, e-mail address but not necessarily IP number; that it
adds the name to the "reserved names" list in SMF and then deletes
the member. This will allow data added to your list since the
original registration to be used to retroactively remove a member.

2. When a spam bot is detected during registration, then the banning,
 adding to the reserved names list and deletion should be fully
automatic, so that no trace of it remains except in the banned list.

3. As I am not adept at the writing or inserting code, may I suggest
that some means be found that this be done from an exe file, which
will automatically find the appropriate place to insert the
necessary code. This way, it may be possible for me to have Botscout
work automatically, which I cannot do as at the moment.

4. On several websites, with nothing to do with SMF, I have "Contact
Us" features. 90% or more of the users of this facility are spammers,
 sometimes with commercial messages but more often just ridiculous
gobbledygook. Would it be possible to have an exe file that inserts
a feature that checks the sender's name, IP address and e-mail
address against your lists and simply blocks the "message" from
being sent?

As it is, I have no clue as to how effective Botscout is, in my case,
 except that I do see in the ban log that the few spam bots that I
have been able to ban manually occasionally and repeatedly try to
access the forum. To what extent this is effective is unknown
because of the large number of unbanned but suspected spam bots.

It would be interesting to know whether other users have similar problems to myself and whether my 4 suggestions ring a bell. If so, maybe Mike could give some thought on the matter. I'm sure that if it were easier to use, Botscout could become a real winner.

I am totally flummoxed about what I should do. For some
considerable time I have been using BotScout for manually
checking for spam bots, in an SMF Forum. I did try to automate this
but it did not work.

I receive a number of new registrations on a daily basis and I would
guess that over 80% of them are of some nuisance value. Only about
one in 15 of these nuisance registrations comes up from your list as
a spam bot, checking ID, IP and e-mail address. The other 14 are
"users" who possibly never come back and they usually have
"spamming"-looking names, mostly with Hotmail or Gmail e-mail
addresses. Unless there is an obvious reason, such as some sexual
reference, I dare not assume that they are spam; they may very well
be genuine users, but there is no way of knowing in advance.

What I would like to see is a number of features which I do not
think appear, as yet:

1. The possibility to periodically (say, weekly) to scan the
existing member list: if it finds a name, IP number or e-mail
address that you have flagged, then it automatically will add bans
to the name, e-mail address but not necessarily IP number; that it
adds the name to the "reserved names" list in SMF and then deletes
the member. This will allow data added to your list since the
original registration to be used to retroactively remove a member.

2. When a spam bot is detected during registration, then the banning,
 adding to the reserved names list and deletion should be fully
automatic, so that no trace of it remains except in the banned list.

3. As I am not adept at the writing or inserting code, may I suggest
that some means be found that this be done from an exe file, which
will automatically find the appropriate place to insert the
necessary code. This way, it may be possible for me to have Botscout
work automatically, which I cannot do as at the moment.

4. On several websites, with nothing to do with SMF, I have "Contact
Us" features. 90% or more of the users of this facility are spammers,
 sometimes with commercial messages but more often just ridiculous
gobbledygook. Would it be possible to have an exe file that inserts
a feature that checks the sender's name, IP address and e-mail
address against your lists and simply blocks the "message" from
being sent?

As it is, I have no clue as to how effective Botscout is, in my case,
 except that I do see in the ban log that the few spam bots that I
have been able to ban manually occasionally and repeatedly try to
access the forum. To what extent this is effective is unknown
because of the large number of unbanned but suspected spam bots.

It would be interesting to know whether other users have similar problems to myself and whether my 4 suggestions ring a bell. If so, maybe Mike could give some thought on the matter. I'm sure that if it were easier to use, Botscout could become a real winner.

Can you upload the registration page please?