I love spambot. I was getting inundated with spambot accounts, and this module has slowed this to a trickle. Thank you!!!
However, many normal, non-spambot users are getting blocked with the "go away" message. This is because their usernames, like "Mike", "Jan", "George", etc, are already being usurped by spambots. Most normal users will not understand the rude message for what it is.
Suggestions for features to solve for this:
a) minimum number of letters to check for name (only check names longer than X chars) against spambot. Most spambots love those longer meaningless usernames.
b) allow for checking name and/or email address (rather than defaulting to both)
c) add IP address name for check for spambots. This would allow IP addr and email addr rather than name and email addr (perhaps more likely to have less false positives and more true negatives)
d) combination (admin check boxes for selecting at module config time) checking 1) username 2) email addr 3) ip addr
Thanks again,
George
Comments
Comment #1
NickLitten commentedAhhh... excellent!
I loved the idea of Spambot and have had it running but had a couple of potential customers complaining that they are unable to purchase online (I use Ubercart) because they couldnt create an account... this might be the reason... they just reported an error message saying "GO AWAY"
Any chance we can softcode the message?
Comment #2
miiimoooTry the dev version and change it in
admin/settings/spambot
Comment #3
miiimooo(actually is a different issue so reactivating)
Comment #4
mwoida commentedI like this module too! I'm not a programmer, but I commented out the php bits that validate the user name and I manually changed the outgoing message. Now the module only validates the email and issues a more deferential notice if it is determined to be blacklisted.
One hiccup however (and this might be deemed a separate issue): I am running the latest dev version and none of the admin features are showing up anywhere.
Comment #5
miiimoooThey should be under admin/settings/spambot - maybe just needs updating the menu cache or something. Ther you can also change the "go away" message
Would be good to get a patch against the dev version for selecting what to check against SFS. I'm a bit busy at the moment but happily would accept a patch of course...
Comment #6
matteoraggi commentedGoing here I get no one page admin/settings/spambot sing dev too.
Comment #7
hawkdrupal commentedChecking email address and name does not work. It is naive, actually, to think that spammers use real addresses, and are consistent in using them. This method creates mostly false positives, and a massive number of innocent victims.
Many innocent parties have their email spoofed by spammers. It is rare that spam does NOT come from a fake address, almost always an address that is reputable. Blocking the email address only hurts the victim who was spoofed, while next time the spammer just switches to a different victim.
We see tons of spam all day that seems to come from "big name" companies and organizations in the U.S., Canada and Western Europe, but but checking the email header for IPs, then checking the IPs, we determine it really comes from China, Russia, etc. If we blocked email by address we'd simply cut off major banks and major companies from using our sites, but we'd have zero affect on actual spam.
The only valid check is of IP address. While the IP and part of the email header can be faked, or varied, that is much more difficult, and usually there is some evidence that it's faked.
Comment #8
miiimooo.. or following your own logic you will block
There are probably more issues but then I'm not quite sure this is the right place to discuss general spam tactics. Spambot uses one approach. You're free to (not) use it. It seems to work for some people though. There are many other modules. You can always use one of those.
Comment #9
miiimooosee 6.2 release