Serendipity Forums

User and developer community
https://board.s9y.org/

Bots bypassing Captchas?

https://board.s9y.org/viewtopic.php?t=1723

Page 1 of 1

Bots bypassing Captchas?

Posted: Sun May 08, 2005 6:13 am
by boone
Over the past couple days I've been getting poker spam comments. While I have old entries set to require moderation and use the captchas, I'm not sure how they get through in the first place.

The most recent spam came tonight via a single POST...no GETs of the content or captcha files, at least not from the same IP, and no blog GETs were made any time near the POST time.
80.58.44.170 - - [07/May/2005:23:28:09 -0400] "POST /mike/archives/60-Comet-Machholz,-Part-2.html HTTP/1.0" 302 0 "-" "Mozilla/4.0 (compatible; MSIE 5.5; Windows 95; qxw03377)"
The comment contained this:
Requires review: Yes (Spam Prevention: Invalid message.)
User IP-address: 80.58.44.170
User Name: online casino
User Email: info@online-poker-online-poker.net
User Homepage: http://online-poker-online-poker.net

Comments:
http://online-poker-online-poker.net
http://online-poker-online-poker.net/online-casino/ online casino
How are these getting through?

Posted: Sun May 08, 2005 6:22 am
by boone
I found a couple more spams. Just POSTs from nowhere:
67.180.239.246 - - [07/May/2005:23:39:34 -0400] "POST /mike/archives/33-Argh,-Referer-sic-Spam.html HTTP/1.1" 302 5 "-" "Mozilla/4.0 (compatible; MSIE 5.5; Windows 98; Win 9x 4.90; DT)"
212.123.26.115 - - [07/May/2005:23:39:58 -0400] "POST /mike/archives/48-Spam,-Spam,-Spam,-Spam.html HTTP/1.0" 302 0 "-" "Mozilla/5.0 (compatible; Konqueror/3.1; Linux 2.4.22-aes; X11; i686)"
Aside from the different IP addresses, all had the same content.

Posted: Mon May 09, 2005 2:07 pm
by garvinhicking
Yes, this is common spam. You can set the spamblock configuration to default reject spam instead of flagging it as "moderate".

Regards,
Garvin

Posted: Mon May 09, 2005 2:41 pm
by boone
I will change my settings to reject, but I am curious as to how they are circumventing the captcha system.

Posted: Mon May 09, 2005 3:24 pm
by garvinhicking
They are not curcumventing the captchas; just another antispam method kicks in before the captcas.

If any spam check (like duplicate contents) evaluautes true before captchas are checked, all other checks are skipped. In your case it seems duplicate contents or another check gets hit first. YOu can look in your spamblock logfile/table to see which check it is effectivley. :)

Best regards,
Garvin

Re: Bots bypassing Captchas?

Posted: Sat Dec 18, 2010 5:01 pm
by Stosh
That answered my question too. Thanks.
-s
All times are UTC+02:00
Page 1 of 1

Powered by phpBB® Forum Software © phpBB Limited