A simple method for controlling spammers.

NewtonLoop's Guide to Controlling Spammers on AGB
Suited to the technically impaired.

Hi AGB users. Here's a few simple methods I use to manage spammers on my AGB setup. It's not hard and once you get set up, doesn't take alot of time to deal with, not withstanding occasional new waves of spammers from some new far off place.

This method relies on having an email client that will display email header information to you. I use Yahoo. If you don't want to do this then don't do it but it works for me. If you need image verification or AGB upgrades follow the advice given elsewhere.

Follow these steps.

(1) Go on Yahoo and set up a free email address for yourself to which you will send alerts that your guestbook has a new entry.

(2) Go on your website and figure out how to login to the admin area

(3) Select the General Settings tab.

(4) Locate and select "Show IP or Hostname".

(5)Locate and select "send e-mail to webmaster" from the E-mail notification box and make sure your YAHOO email address is entered correctly there.

(6) In the Guestbook Comment box turn on "Password required" and enter desired password where indicated. You may need to upgrade AGB for this feature.

(7) Locate and select the Censor Option box and enter in censored words as desired.

(

Locate and select "Banned IP?" at the bottom of the page and notice the text box for entering IP numbers.

(9) Select the Submit Setting button and close the admin page.

(10) Go into the General Setting page and notice the edit and delete links for every message listed there and that several messages have website url links associated with them. Notice the names of these sites. Many are ecommerce spam websites. Also notice that some of the return email addresss are missing or fake, ie "Bob@yahoo.com". These are clues you'll be looking for again later.

(11) For any spam messages that are showing their IP address, do a copy and paste of the IP address into the Banned IP section in the Admin page. Be sure to replace any dashes - with periods . in the IP address.

(12) For any messages not showing the IP address you can do a reverse IP lookup on the internet and discover the IPs on several of them but it's time consuming and not worth the effort.

(13) Delete all unwanted messages from the General Settings page by selecting the delete link next to each message.

(14) Close out of ABG and wait for the spammers to return.

(15) Every message added to your Guestbook will automatically send you an email to you at Yahoo with the content of the message. Look for messages that are fake gratuitus messages of what a great website you have, are linked to other websites or have fake email addresses.

(16) For any suspicious AGB entries you suspect you will be deleting and blocking, go to the bottom of the email message and turn on expanded headers.

(17) Follow down about halfway and locate the line shown below and notice the IP address.

Your numbers (the spammer's IP) will be different.

www.yourname.com/guestbook/addentry.php for 68.32.73.53

(1

Mouseover the IP address and right click on it it begin a cut and paste of the information.

(19) Now that you have been alerted to a suspicious AGB entry and you already heve the IP address, go onto your website and review the message in question.

(20) If you decide to, delete the message now.

(21) Next, go into your AGB admin section and do the cut and paste to add the IP address into

the banned IPs list box. For mamagement and readability, enter and keep the IPs in numerical order. This allows you to learn and seen patterns, etc.

(22) That's it.

My spam dropped to almost nothing and except for occassional spurts from new groups is problem free and since I already use Yahoo mail is was no extra effort.

If anybody wants a jumpstart, I'll send them my list of banned IPs so far.

Hope this helps.

Cheers,
NewtonLoops

or you could just add the human verification mod - http://proxy2.de/forum/viewtopic.php?t=4678

Or switch to Lazarus

I have the human verification mod installed. In fact you helped me on it to my grateful appreciation. It's a deterrant but it doesn't stop spammmers who don't mind the extra step. Please correct me if I'm wrong.

You never know who the spammer is going to be. I'm not really bright at this but what I understood was that the only way to stop a spammer was to block the IP after the first spam to prevent repeated spams from the same source. No?

I looked at Lazarius. I would be happy to install or upgrade to anything anytime but somehow those things never go 100% problem free and at this time I don't want to get side tracked on something not to do with finishing my web projects. AGB is working fine as is and I occasionally have to go delete a fake message with a url link to soome junk site. Not too harh.

I did have some questions about Lazarius though that I'll save for a different thread. I have to go read up on it first but don't have the time right now.

Thanks.
NL

I've had some spam even with the human verification. Lazarus stores both the IP and the hostname to make banning easier. I did write a mod to make AG store the ip instead of the hostname. It's in these forums somewhere.

Carbonize wrote: Lazarus stores both the IP and the hostname to make banning easier. I did write a mod to make AG store the ip instead of the hostname. It's in these forums somewhere.

I remember reading that. Actually, this is the only reason I am using Yahoo as a step in this process, because the AGB doesn't always log the IP. I was going and doing IP lookups to get the numbers. Yahoo always logs the IP in the messgae header ans since I use yahoo for all my email it was no extra effort to grab the IP number to and go right into the agb admin. I just had to realize to turn on mesage headers.

NL

In theory the IP the email was sent from should be your own server. Never actually checked it myself.

So I would be blocking myself then?

No it would just stop the server being able to post in your guestbook which wouldn't happen anyway. I may be wrong, as I said I have never really paid that much attention.

Ok just tested and yes the originating IP is your servers IP.

well i'm lost.
s'ok. it's working