Spam Protector plugin behaving incoherently

[xlvisuals]

Hi guys,

I have Serendipity 1.5.5 and PHP 5.2.16. All required files verified. All files transferred in binary mode.

Since two days ago I get suddenly flooded with comment spam, so I turned on the Spam Protector plugin. But it behaves a little crazy:

a) IP block interval: seems to work. Only single comments and not 200 at a time.
b) Enable Captchas: I get the captchas on the comment page, but the comment gets posted independently of what is entered in the verification field. Even if the field is left empty.
c) Check e-mail addresses: Feature doesn't "do anything". Email addresses are not checked (just entering "ttt" works) and no confirmation emails are send to the poster.
d) Required comment fields: works. It tells me that the data is not complete.
e) Word filter: Works kind of. It is set to "reject". But instead I get moderation emails and have to reject manually.
f) Link filter: Same as word filter. It is set to "reject" at more than 10 links. But I get moderation emails and have to reject manually even for emails with 30 links

I've tried all kinds of setting combinations. I've also deleted and re-installing the plugin. But the behavior is always the same. Any ideas what could be wrong?

thanks in advance, Axel


Here are my plugin configuration settings:

Emergency comment shutdown: No
Disable spamblock for Authors: none
Do not allow duplicate comments: Yes
Reject comments which only contain the entry title: Yes
IP block interval: 1
Forbid direct comments (XSRF protection): Yes
Enable Captchas: Yes
Force captchas after how many days: 0
Force comment moderation after how many days: 30
What to do with comments when being auto-moderated: reject
Trackback/Pingback ip validation: reject
Force API comment moderation after how many days: 1
What to do with trackbacks/pingbacks when being auto-moderated: reject
How to treat comments made via APIs: reject
Check trackback/pingback URLs: yes
How many links before a comment gets moderated: 3
How many links before a comment gets rejected: 10
Activate wordfilter: reject
Activate URL filtering by blogg.de Blacklist: reject
Akismet API Key: (none)
How to treat Akismet-reported spam: reject
Hide E-Mail addresses of commenting users: yes
Check e-mail addresses? Confirm once
Required comment fields: name,email,comment
Block bad IPs via HTaccess: Yes
Choose logging method: File

[Timbalu]

Sounds somehow muddled.

I turned on the Spam Protector plugin.

How? Isn't it turned on by default?

When uninstalling and starting from scatch, did you have a look if the spamblocklog db table was erased too?

[garvinhicking]

Hi!

That's odd!

About captchas: What's your blog, I'd like to see the captcha there and check your blog's Cookies. It might be that PHP sessions are not properly utilized. When you log into your admin backend and do NOT! check the checkbox "remember me", can you properly post a blog entry? Or do you get a duplicate login frame everytime?

About check e-mail adresses: The option not actually checks email for syntax (but it should check that "@" must be there), but sends a confirmation mail. Does your webhost properly send out mails, do you get ANY mails? Are you able to retrieve the mail.log from your provider to see if mails have been sent out? What's your URL, then I can test the mail sending function as well.

About word filter: The reason why a comment gets moderated is contained in the moderation email and the spamblocklog DB table. Please check the reason, and tell us which word(s) you exactly entered and what you enter to get the result you don't want.

Also, word/link filters are executed one after another, it could be that one rule already applies to your mail for moderation, before the "reject" filter can even take place. Also for this, we could use precise comments you tried it with and what exactly you filter for.

Do you have any other antispam plugins installed apart from spamblock? Like recaptcha, spamblock bayes or RBLs?

Regards,
Garvin

[xlvisuals]

Timbalu, Garvin,

thanks so much for your reply. I am traveling at the moment and have no permanent internet connection, so it takes me a while to read/check/respond. Also my webspace has no MySQL and I'm using SQLite and can't check the tables without downloading the whole file. Which is happening right now, thanks to McD...

Regarding the captchas: The blog is blog.xlvisuals.com, and then there is www.vespina.net. Both have the issue, but vespina.net is an older Serendipity version and I am upgrading at the moment. I actually never use "remember me", I always test the blog from a different browser and/or after deleting all Cookies, history etc.

Emails: I get all the emails from my blog all right, like when people add comments. Unfortunately I don't have access to any mail logs.

Moderation: hmmm, the log doesn't say much more than "[MODERATE: You will now receive an email notification with which you can approve your comment.]" plus the comment text. And the email that I get doesn't state the reason either, just "Requires review: Yes (You will now receive an email notification with which you can approve your comment.)".
Check out the log: http://www.brainforge.net/vespina/spamblock.log

thanks again for your help. I'll have a look at the database file once it's downloaded, and test the other blog once the update finishes. Takes ages, have to upload the uncompressed archive.

cheers, Axel

[Timbalu]

Hi Axel

About b)
I get the same behaviour by false captchas:
Your comment was successfully added.
Warning: This comment needs approval before it will be displayed

But Cookies seem to get set and the Guestbooks Captchas are working as expected. (Btw, did you upgrade to latest version 3.26?)

This tells me something must be misset with your spamblock plugin and db table.
Is there any other plugin installed which could harm Captchas and Spamblock settings?

Happy sailing!
Whow I would definitely do this, if I could! Good luck!

[xlvisuals]

Hello Ian,

thanks for checking it out. Yep, cruising on a boat is really nice. Except for having to hunt for wifi networks. I have updated both blogs to 1.5.5 now, same behavior. I hadn't used a spam protector service so far. Now I have TypePad Antispam activated, but I still get spam comments for approval. But fortunately they don't make it into the article anymore, though I can't say why.

Here is a list of my plugins:
Markup: Serendipity
Markup: Emoticate
Markup: NL2BR
Browser Compatibility
Forgot Password
Spam Protector
Spartacus
Typeset/Extended Buttons for non-WYSIWYG editors
Extended Editor Buttons: Youtube etc.
Customizable Entries Archive
Layout-Plugin: Printerfriendly version
Guestbook
POPfetcher
Cronjob scheduler
Static Pages
Export blog as PDF

I can live with the situation as it is now. The "IP block interval" reduced the amount of spam dramatically, and with the settings (words or captchas or typepad, I don't really know) the comments don't get published but moderated. And I just ignore (or auto-delete) those emails.

It worries me a little that the filters don't behave as expected and the moderation emails don't say what filter selected the comment for moderation. If I was at home I'd debug the code and fix that for the community. Sorry if I have to pass for a while, but what's the point of taking time off to go sailing and then debug code just like the last 20 years .

Thanks again for your help guys, I'm very happy with s9y.

cheers, Axel

[Timbalu]

Stay tuned, Axel, I'll have a look, but can't promise
In the meanwhile you could try using spamblock internal debug output disabling the // after
// DEBUG, search for them.

[Timbalu]

Hi Axel, Garvin

I would say this is a bug!

line ~780

Code: Select all

$forcemoderation_treat = $this->get_config('forcemoderation_treat', 'moderate');

will always be string 'moderate', even if this was set to 'reject', I assume.
So we better use simple

Code: Select all

$forcemoderation_treat = $this->get_config('forcemoderation_treat');

later on this will be checked by

Code: Select all

                        // Check for forced comment moderation (X days)
                        if ($addData['type'] == 'NORMAL' && $forcemoderation > 0 && $eventData['timestamp'] < (time() - ($forcemoderation * 60 * 60 * 24))) {
                            $this->log($logfile, $eventData['id'], $forcemoderation_treat, PLUGIN_EVENT_SPAMBLOCK_REASON_FORCEMODERATION, $addData);
                            if ($forcemoderation_treat == 'reject') {
                                $eventData = array('allow_comments' => false);
                                $serendipity['messagestack']['comments'][] = PLUGIN_EVENT_SPAMBLOCK_REASON_FORCEMODERATION;
                                return false;
                            } else {
                                $eventData['moderate_comments'] = true;
                                $serendipity['csuccess']        = 'moderate';
                                $serendipity['moderate_reason'] = PLUGIN_EVENT_SPAMBLOCK_REASON_FORCEMODERATION;
                            }
                        }

[garvinhicking]

Hi!

line ~780

Code: Select all

$forcemoderation_treat = $this->get_config('forcemoderation_treat', 'moderate');

will always be string 'moderate', even if this was set to 'reject', I assume.

No. The second parameter is the fallback, if the plugin config was not saved yet. If it is set to "moderate", the return of this->get_config will return "moderate".

The spamblocklog reveals that all mails get moderated because the "Check e-mails" is enabled to require a confirmation for each user. This is done by setting a comment to moderated, which in turns triggers also sending a mail to admins about this. So if you would disable this email confirmation option, the other moderation features would take effect; or anything that uses "reject" would override a confirmation...

Regards,
Garvin

[Timbalu]

Oops wie peinlich!
Ich stehe dazu wie ein Mann!

Gute Fahrt, Segler!

[xlvisuals]

guys, you are so awesome

Ok, I set "Check e-mail addresses?" to "No" now. Let's see how this changes things.
Btw, I am now anchored next to a boat named ... "Serendipity". Hehe

all the best -xl

[Don Chambers]

Anchored? If you live or spend much of your life on a boat, I am very envious!

[xlvisuals]

Wow! Now that I've set "Check e-mail addresses?" to "No" the Captchas actually work, and I have to enter the correct code or the comment won't get posted. Interesting . And great. Thanks Garvin, and Ian of course. And sorry Don - I took a little break from the software business two years ago and went sailing. But I'll be back .