HackerOne users: Testing against this community violates our program's Terms of Service and will result in your bounty being denied.

block by email address field?

I get a LOT of spam from a single email domain (mailclubs.info)

Does this plugin search text patterns in the email address field?

Thanks

Comments

  • edited March 2016

    You must ensure that plugins/RegistrationRestrictLogger/list/registrationrestrictlog.php is writeable.

    You may need to change the permissions on
    plugins/RegistrationRestrictLogger/list folder and/or registrationrestrictlog.php file itself.

    Leave the <?php exit(); at the top of the file to prevent dowloading or anyone else reading it.

    You can view log through cpanel or ftp - registrationrestrictlog.php

    What this plugin does:

    It logs attempted registrations in a file and suggests possible Bots.
    It prevents anybody who puts a web address in the "Why do you want to join box" from registering

    It is suggested that you change the definition in your terms of service - Do not enter any web sites in the "Why do you want to join box".

    Also you should keep an eye on the log size.

    If you want to save old logs you could copy registrationrestrictlog.php to MD-registrationrestrictlog.php

    and then

    If you want to make a new log copy orig-registrationrestrictlog.php to registrationrestrictlog.php

    Some preset known spambots have been added and filtered out of log as well as prevented from registering.

    The patterns searched for are in spampatterns.php

    The ips searched for are in spamips.php

    To use - let's say a spammer always enters the phrase "I needs your site" as shown in your log in registration

    Then you just edit and add the words: I needs your site to the spampatterns.php

    To use - let's say a spammer always comes from 218.86.50.58 as shown in your log in registration, then you just edit and add the Ip number example: 218.86.50.58
    to the spamips.php file.

    To use - let's say a spammer always comes from 218.86.50.58 or 218.86.50.59 or 218.86.50.60 as shown in your log in registration, then you just edit and add the first few numbers that are the same example 218.86.50

    To the spamips.php and will block addresses ranged from 218.86.50.0 = 218.86.50.255

    Any patterns matched from spampatterns.php or spamips.php will be exited from registration and presented with this message.

    AND given a message 404 - and send http response header not implemented

    The email they use to spam contains the IP number, so just enter the site from where the email came from and get the IP here http://www.getip.com then add it to the filter.

  • I understand that you can block specific emails with this plugin, but if it has to be done by modifying plugin - I would say plugin 'Limit Registrations' will be much easier, since it's just matching emails through regex.

  • @ligyxy said:
    I understand that you can block specific emails with this plugin

    No, you can block specific IP and IP ranges

    IP is the identifying number for emails sent from that address. One IP may have thousands or millions of email addresses. You want to block it at the source.

    I would say plugin 'Limit Registrations' will be much easier, since it's just matching emails through regex.

    Great idea but how would you be able to keep up with unlimited email addresses coming from the same IP ?

    Blocking Ip range is the way to go.

  • ligyxyligyxy New
    edited May 2016

    @vrijvlinder

    I guess that's quite different ways to approach it, but I don't think we can just assume the spammer will keeping using one IP range. If the email domain is the same, isn't it an easier and constant way to match it?

    For example, on my site, the form will return error msg if the applicant submit a non .edu email.

  • A domain name is a name that identifies one or more IP addresses. For example, the domain name microsoft.com represents about a dozen IP addresses.

    Every domain name has a suffix that indicates which top level domain (TLD) it belongs to. There are only a limited number of such domains. For example:
    gov - Government agencies
    edu - Educational institutions
    org - Organizations (nonprofit)
    mil - Military
    com - commercial business
    net - Network organizations
    ca - Canada
    Because the Internet is based on IP addresses, not domain names, every Web server requires a Domain Name System (DNS) server to translate domain names into IP addresses.

    IP adress is like an individual, domain name is like the family, or family name in some cases where there is a single IP

    With a domain name you tell where your network is located. A domain name is an IP address itself, well, a domain name is matched/tied to an IP. For example, microsoft.com might be the domain name for IP 255.255.255.255. It is easier to use a name (written in English) than a set of 12 numbers, so that's why domain names exists; but remember, they are just names pointing to an IP address.

Sign In or Register to comment.