From Wikipedia, the free encyclopedia
Jump to: navigation, search

Forum spambots[edit]

I'm suprised there's no info about spambots that stalk forums advertising various things against the rules, usually in their off-topic discussion sections or replying to random topics.-- 19:15, 21 November 2006 (UTC)

Possible plagarism?[edit]

I found pretty much the same content on the page - almost word for word.,,sid14_gci896167,00.html

Spambot / Email harvester[edit]

Is it me or aren't the web-crawler versions more referred to as email harvesters? Breno 11:02, 19 February 2007 (UTC)

Disposable email addresses[edit]

Personally, I think that subscribing to a disposable email address service was a good choice for me. I have only one disposable address that I use for my friends (easily changed), and dozens of addresses that I use for forums, newsletters, product registrations, etc. Any spam showing up on one of these addresses could be shut-off, simply by deleting the disposable address from my address book.


I removed the last addition to Spambot regarding the Botnet/Spambot "Darkmatter". There were no sources or references given. I also found the following to be ambigous:

he resides in gela ,even though there are not video or photos of him,most of the people think that he never went out of his room,because of extrem and intense spamming in forum like WI and TW commnly know as letamaio

Is the writter speaking of a bot or a person? Entens (talk) 15:36, 8 February 2008 (UTC)

Evolution of Spambots[edit]

This has led to the evolution of sophisticated spambots that can recover e-mail addresses from character strings that appear to be munged.

So, pray tell, is there any effective email munging method any more? Is there any point?

A: Yes there is. From experience, I do not believe that encoding addresses as hex characters or suchlike is of any use, as most modern languages have builtin functions to undo this. I do not know of any cases of Javascript encryption being broken yet, though it is obviously possible in theory.

Did a quick test the idea of loading a Javascript-protected page into a browser and scraping the contents with Ctrl-A/Ctrl-C/Alt-Tab/Ctrl-V, and in principle this could be a way of circumventing basic js protection. However, AFAICS it would only work for scripts which actually write the address into the browser-window as plaintext, on document load. Since a carefully-written script would not do so, or would only do so upon user-interaction such as pressing a button or whatever, this doesn't seem a very effective harvesting method. Thus, I think the js method should still be secure so long as the script calls-for some kind of user-interaction to display the address. In fact, the script can launch an email session directly on user-action, avoiding the need to ever display the address in the browser.

There is a certainly a pressing need to act to prevent harvesting, in fact this is the crux of the whole spam problem. Deal with the harvesting and there's little or no point in running a spam operation anymore. The key issue here is that too many webdesigners fail to take preventive action of any kind whatsoever. Why is uncertain. Laziness, possibly. Or, is it as this article hints, that they are afraid of attracting the attention of crusading 'Accessibility' litigators if they don't put standard, plaintext mailtos on a site? If the latter, then this raises some searching questions as to responsibility for the current spam problem. --Anteaus (talk) 13:38, 16 May 2009 (UTC)

Accessibility references[edit]

There's a place where it says we need to include references for guidelines for avoiding discrimination against disabled people. A quick Google search turned up these:

  Linkname: Web Content Accessibility Guidelines 1.0
       URL: http colon slash slash
  Linkname: HTML Techniques for Web Content Accessibility Guidelines 1.0
       URL: http colon slash slash
  Linkname: Techniques for Web Content Accessibility Guidelines 1.0
       URL: http colon slash slash

(Wikipedia won't let me put links in this discussion, so I had to munge them!)

I'm not a wiki expert, so some expert please edit these into the list of references, then add links from the place in the main text where it says they are needed. (talk) Robert Maas, for contact info —Preceding undated comment added 04:02, 9 August 2009 (UTC).

Semiprotection review[edit]

  • 08:16, 20 May 2008 Hu12 protected Spambot ‎ (repeated vandalisn by anons [edit=autoconfirmed:move=autoconfirmed])

I'd like to review this to see if semiprotection is still necessary, nearly 18 months later. As well as welcoming opinions from regular editors I have contacted user talk:Hu12, the protecting admin. --TS 00:38, 1 October 2009 (UTC)

A couple of offsite resource links to consider.[edit]

Since I am involved in both of these sites, I think it proper for a 3rd party to review both, before adding links to the article. I feel that (which I moderate the forum of) is an invaluable resource to securing forums, as it has a "live" blacklist database of previous forum spamming attempts, containing e-mail address, IP address, and chosen username of the spammers found by moderators/admins on 100s of forums.

The other is my site, . I have written and published a GNU/GPL V.2 php script that evaluates connections, and on attempts to register, confirm, or log into several compatible forum scripts, checks to see if the IP is a known spammer before letting them proceed. It can also check the list of known TOR nodes and stop that too. It has other functions, regarding hackbot neutralization that I won't go into here.

So, if you feel these are suitable for offsite links, I would appreciate a 3rd party adding them to the article. (This request will also be posted on page "Forum spam"). (talk) 16:41, 11 May 2010 (UTC) Zaphod

Somebody do something[edit]

Someone please find out a way to undo the numberings before the subject headings. EgayovikiW (talk) 16:37, 23 May 2013 (UTC)