I have a list of email addresses and one ISP that Drupal users may want to immediately add to Access Deny Rules. Better to get them in there right away than have to delete countless comments and get emails from Nigeria 50 times a day.

%expertadnt.com%
%magnomsolutions.com%
%mystiknetworks.com%
%catindiamonds.com%
%dokifriends.info%
%megavigor.info%
%idolsystems.info%
%thebytehouse.info%
%hyperfastnet.info%
%zensolutions.info%
193.37.152.250

Comments

bcarson’s picture

Thanks. These are not yet on spambot or others, but I'm getting hit by these, despite using the CAPTCHA module.

bherlig’s picture

I can confirm this spammer as well. Here's two additional domains used for spam account registration:

microfibers.info
aliasnetworks.info

cdu’s picture

I just got 3 bogus requests for an account within the last few hours from two of the domains listed above.

I'm new to Drupal, and using version 7. I can't seem to figure out where set these rules. Can someone point me in the right direction?

Thanks.

skizzo’s picture

Since I am not on D7 I am not positive...
but it is in admin/user/rules in D6

cdu’s picture

Thanks for trying. It's actually under admin/config/people/ip-blocking.

vortexcentrum’s picture

Unfortunately, in D7 only IP blocking is standard.

The facility that was in D6 (and extremely useful) to block by domain is not present. This is a significant omission and one that has already led us to convert one (originally) D7 site to D6 and we are considering doing the same with the only other D7 site we installed.

There is an module in development for D7 but its contributors admit that it's still flaky for a production environment.

I would urge that the facility to block by e-mail be restored to Core as soon as possible.

ajsoles’s picture

Is there any way the services offered by www.stopforumspam.com/ can be integrated into Drupal 7? I am a newbe so I don't know the process.
Art

Kirk’s picture

http://drupal.org/project/spambot Module seems to use this service. Though it doesn't seem to have been ported to Drupal 7 yet.

ludo.r’s picture

We're having the same problem here with a Drupal 5 site.

Steve Bizuns’s picture

%yandex.ca%
Most of my .com and .ca sites get spammed by this one.

DexCTS

ftindale’s picture

Many thanks for this list. We've been getting hit over that past few days - all from several of the domains mentioned.
thanks again

ludo.r’s picture

I have now many user accounts with : freakmail.co.cc

rantee’s picture

have seen all of the above and blocked on multiple D6 sites despite reCaptcha, reg verification by email, etc.

gr33nman’s picture

I got one thebytehouse and one hyperfastnet spam subscriber. I think they gave up when they saw they weren't allowed to post even if they subscribed. Thanks for this list.

PDavid85’s picture

Thanks!
These was very useful for me too!
We have Image captcha enabled, but some of them registered already. Sould we use mollom? Is it better?

flippergonzo’s picture

Using Drupal 7, I can find the area where I can add an IP address to block, but when I attempt to enter one of the above domains (including and excluding the wildcards), I get an error indicating that I need to enter a valid IP.

Are folks using a different module that perhaps hasn't been mentioned in the replies? Or is there some configuration bit that I'm missing that I need to do to allow my site to deny access by domain name?

Thank you!
Jef

rupam.iics’s picture

in » Administration » Configuration » IP Address block when I want to put the IP addresses, for all the above domains, its showing,
79.143.179.238. Are they kind of using somy proxy of this domain. I have blocked 79.143.179.238 though and for one week or so do not have any such IDs getting created in my site. if anybody has valid IP addresses of the above mentioned list, kindly post here

scott859’s picture

Greetings,

I can confirm I am getting numerous attempted bogus accounts from ip 79.143.179.238 as well.

Scott

manyacs47’s picture

I am far from .htaccess savvy, but a very simple way to control spammer access is to copy and paste this into the very end of your .htaccess file (found in the root directory)

Just add to the list as you discover more attacks to your site. The below is what I am currently using

Just in case, please backup your original .htaccess file
-------------------------------------------------------------
order allow,deny
deny from sohu.com
deny from tom.com
deny from expertadnt.com
deny from magnomsolutions.com
deny from mystiknetworks.com
deny from catindiamonds.com
deny from dokifriends.info
deny from megavigor.info
deny from idolsystems.info
deny from thebytehouse.info
deny from hyperfastnet.info
deny from zensolutions.info
deny from microfibers.info
deny from aliasnetworks.info
deny from yandex.ca
allow from all

order allow,deny
deny from 193.105.210.41
deny from 173.208.175.250
deny from 193.37.152.250
allow from all

Pigeon_Inc.’s picture

Thanks! My site has just been hit in the past week from one of these addresses, you've saved the day!
THANK YOU! ....Much Appreciated pyallen97.

Pigeon_Inc.

ayesh’s picture

MichaelSandstorm’s picture

Thought I'd contribute mine to save others from their relentless spam:

%@aliasnetworks.info
%infochinesenyc.info
%viagra-cheap.org
%ipadcasemarket.com
%badadultgirls.com
%strongercolin.info
%1automovers.info
%sexcamsex.org
%pleasegoheretofinish.com
%buypill-rx.info
%wellnessintexas.info
%expertadnt.com
%dokifriends.info
%lustlonelygirls.com
%businessinfoservicess.com
%hinokio-movie.com
78.145.184.104
%zbestcheaphostingforyou.info
%pregnancymiraclereviewnow.org
194.50.164.70
79.170.50.94
94.23.228.76
%yourmoode.info
%gamesoonline.com
%mailtimail.co.tv
%entersite.org
%wowhackgold.com
%yourhighness5.info
%pregnancymiraclereviewnow.org
%allmp3stars.com
%mundocripto.com
%zillionsofdollars.info
%mmm-invest.biz
%webhostingwebsite.info
%legacymode2011.info
%infotoursnyc.info
%cvportal.net
%@nyccommunity.info
%mail.ru
222.165.130.214
80.4.254.157
%qq.com
adoralacy@gmail.com
benson.barton@hotmail.com
%unique-papers.com
%163.com
to.psit.e.m.a.i.l.d.o.m.ai.n@gmail.com
t.op.sitemai.l.d.o.m.ain@gmail.com
p7x70@fgooglwe.com
m.a.il.foregi.st.e.r@gmail.com
top.s.it.e.m.ail.d.o.main@gmail.com
%fastmailforyou.net
%mami000.com
%o2.pl
%piggywiggy22.info
%socalgamers5.info
%chinalww.com
%bikingwithevidence.info
%earpitchtraining.info
%flyingjersey.info
%journalistuk.com
%x.bigpurses.org
%tlen.pl
%mymailsrv.info
%pyroleech.com
%seemail.info
%mypaleocookbook.com
%liveset%info
%liveset100.info
heffocheffefer@mailinator.com

vortexcentrum’s picture

We operate a number of D6 sites and it's a pain to have to create and maintain a deny list manually for each.

They are entirely separate sites but all run off one MySQL database.

Therefore each has a data table containing the blocked list.

Is there any way of creating and accessing a single data table for this specific purpose so that all the sites can be updated as one?