The MU forums have moved to WordPress.org

sh*t list for domains (53 posts)

  1. drmike
    Member
    Posted 10 years ago #

    Being honest on the title. :)

    I've been going through and removing spam blogs today and getting rid of never used blogs. (More about the second half later on)

    Anyway, here's my list of blocked domains that do nothing but register spblogs on my sites. Feel free to post your own. I'm sure I have more and I'm getting real tempted to start blocking the hotmails of the net.

    Hope this helps,
    -drmike

    forex-broker-news.com
    lawyer.com
    163.com

  2. Ovidiu
    Member
    Posted 10 years ago #

    here are mine:

    chazears.biz
    altaairconditioner.info

  3. Farms2
    Member
    Posted 10 years ago #

    This is going to sound extreme but I'm considering banning all .info domains... too much splogging.

    Otherwise: 126.com mail.ru .info

  4. dizzy99
    Member
    Posted 10 years ago #

    Users from mail.ru have been spamming my drupal site and i've put that domain permantly in my sh*tlist. It drove me insane.

    Heres a few others

    cashette.com
    gawab.com
    web.de
    yoricksite.biz
    newpostcash.org

    Others you may wish to consider are located here

    http://www.securitywatch.co.uk/forum-spam/more-spam-emails-183.html

  5. drmike
    Member
    Posted 10 years ago #

    info-webs.org

    Disagree on the *.infos by the way. I host a couple hundred of them.

    I noted web.de and cashette.com a few days ago. I've gone ahead and added them.

    I'm going to submit a ticket to get the Banned domain adress line made into abox or something larger. It's too small for me. :(

    I would also like to see the usage of a default ban list but I don't know if Donncha would go for that.

  6. donncha
    Key Master
    Posted 10 years ago #

    Made the text box into a textarea which should make the list easier to enter.

    We probably need some sort of plugin that throttles registrations in a smart way to stop the spammers.
    Or what about something that sends an email to the site admin giving a summary of signups during the day? Count by IP, registration domain, patterns in blogs like xxxx1, xxxx2, xxx3 etc.
    Anyone want to code that?

  7. lunabyte
    Member
    Posted 10 years ago #

    Sure, why not.

    For the registration, I assume you're thinking of some kind of flood control?
    Like block ip's that try to register more than once within the last XX (like 60 seconds, or 15 minutes, or 24 hours)?

    Sign-up summary wouldn't be difficult.

    My only "concern" is (last I looked) there weren't any hooks for registration functions.

    Me personally, I'd love for there to be some hooks for all the signup functions so I can quick hacking in my registration captcha. :D

    Of course, it would help out for the flood control deal as well.

  8. dizzy99
    Member
    Posted 10 years ago #

    I have to agree that some sort of registration hook would be great.

    We could include Terms and conditions boxes there, capchas etc without hacking core.

    I have to admit i haven't put the capcha back on on 1.1 yet as i'm truly trying to not hack any core files.

  9. drmike
    Member
    Posted 10 years ago #

    Not hack core files? I couldn't live with that. Have 17 of mine hacked to get the stats program running, new links load upon blog creation, the internal feeds to show up on the wp-admin/index.php page, the ToS/AUP to show up on the signup page, (I need to put that back in) etc.

    Friendly reminder that I mentioned the idea of seeing the IP address where an account has been registered from was something I suggested a while back. I know you made mention that it's in the table but it would be easier to do a lookup if it was available on the wp-admin side.

    Maybe on the edit user page as a display instead of a field that can be edited maybe?

  10. donncha
    Key Master
    Posted 10 years ago #

    There are plenty of hooks already in wp-signup.php - look through the file for do_action and apply_filters.

    Most of it should be self explanatory, but it might take a while to get your head around because it's not simple.
    Hopefully I'll get around to posting something about those hooks on the wiki at some stage next week because it's something I've been meaning to document for a while.

  11. dizzy99
    Member
    Posted 10 years ago #

    Oh that would be really handy Doncha :)

  12. lunabyte
    Member
    Posted 10 years ago #

    Strange Donncha, I guess I flat out missed them then.

    I'll breeze through them later this evening and see what's cookin.

  13. drmike
    Member
    Posted 10 years ago #

    I have yandex.ru on my list as of this morning.

    Regards,
    -drmike

  14. drmike
    Member
    Posted 10 years ago #

    Looks like we can add in highestnet.info to that list as well.

  15. Cruz
    Member
    Posted 10 years ago #

    I also have 126.com and chazears.biz banned.
    ibuzzmachine.com is not yet mentioned in this thread.

  16. Cruz
    Member
    Posted 10 years ago #

    Also agree on the mail.ru

  17. bradmkjr
    Blocked
    Posted 10 years ago #

    Why doesn't someone write a akismet.mu, where it simple tracks IP address of blog signups. Then each MU Admin can adjust the tolerance. So maybe they would allow a new signup every 7 days per ip, or every 12 hours etc. As it being a central database, on ALL Mu blogs, it would be very effective. Once a ip or domain gets flagged, it would go back to the central database and prevent the spammer from signing up at any MU account.

    This isn't a hard project, and actually would consider doing it myself if it was something people would be interest in using, so please let me know.

    Brad

  18. drmike
    Member
    Posted 10 years ago #

    Agreed as it being easy but blocking IP addresses wouldn't affect it. For example, I could move two tables over and be in a completely different class C. Go upstairs and I would be in a third class C. (I'm sitting in a university library currently.)

    I'm still eyeing gmail and yahoo though as they lead my spammers.

    I did note that highestnet.info is still bale to sign up even though they're on my list. I opened a ticket about it with trac on the issue.

  19. Cruz
    Member
    Posted 10 years ago #

    Adding the following:

    wanettavais.info
    tashiavanhamme.info
    lynellvantrump.info
    alejandrinarynes.info
    sheryllvasaure.info

  20. jasonapearce
    Member
    Posted 10 years ago #

    For starters, consider whoo and Balupton's WP-Deadbolt plugin http://www.village-idiot.org/archives/2007/01/10/wp-deadbolt/ to prevent people from registering with domains you don't like. Then update the plugin's array. Here are the domains I no longer permit to create an account:

    $badmails = array(
    	'126.com',
    	'163.com',
    	'2youm.info',
    	'alejandrinarynes.info',
    	'altaairconditioner.info',
    	'blah.org',
    	'bumpymail.com',
    	'cashette.com',
    	'centermail.com',
    	'centermail.net',
    	'chazears.biz',
    	'discardmail.com',
    	'dodgeit.com',
    	'e4ward.com',
    	'email.net',
    	'email.ru',
    	'emailias.com',
    	'fakeinformation.com',
    	'forex-broker-news.com',
    	'front14.org',
    	'gawab.com',
    	'ghosttexter.de',
    	'ibuzzmachine.com',
    	'info-webs.org',
    	'jetable.net',
    	'kasmail.com',
    	'lawyer.com',
    	'link2mail.net',
    	'lynellvantrump.info',
    	'mail.ru',
    	'mailexpire.com',
    	'mailinator.com',
    	'mailmoat.com',
    	'messagebeamer.de',
    	'mcn.com',
    	'mtmlcore.info',
    	'mytrashmail.com',
    	'nervmich.net',
    	'netmails.net',
    	'netzidiot.de',
    	'newpostcash.org',
    	'nurfuerspam.de',
    	'privacy.net',
    	'punkass.com',
    	'sheryllvasaure.info',
    	'sneakemail.com',
    	'sofort-mail.de',
    	'sogetthis.com',
    	'spam.la',
    	'spambob.com',
    	'spambob.net',
    	'spambob.org',
    	'spamex.com',
    	'spamgourmet.com',
    	'spamhole.com',
    	'spaminator.de',
    	'spammer.com',
    	'spammotel.com',
    	'spamtrail.com',
    	'tashiavanhamme.info',
    	'trash-mail.de',
    	'trashmail.net',
    	'wanettavais.info',
    	'web.de',
    	'wuzup.net',
    	'yandex.ru',
    	'yoricksite.biz'
    );
  21. lunabyte
    Member
    Posted 10 years ago #

    Nice list, but MU already has a "disallow from domain" function. So the plugin part isn't needed, but that list is quite appreciated.

  22. JanBrasna
    Member
    Posted 10 years ago #

    The thing with web.de, mail.ru and yandex.ru is that they are yahoo.com or aol.com equivalent. You can't really block them if you cater a particular region (PITA esp. in Europe). Imagine e.g. a German MU site blocking yahoo.com ... That's just weird and may be even slighty ignorant to other countries (or services the operator simply may not be aware of).

  23. vibhash
    Member
    Posted 10 years ago #

    The best way would be to have a wiki page where each one of us can add their sh*t list domains, so any one can access the whole list and ban those sites:)

  24. drmike
    Member
    Posted 10 years ago #

    -1 Gotta admit that I would rather see who's suggesting them and if I trust that person.

    No offense meant of course.

  25. drmike
    Member
    Posted 10 years ago #

    Add in etwe.com :(

    It's nothing but a link site anyway.

  26. lunabyte
    Member
    Posted 10 years ago #

    inbox.lv

    is a new one on my list as of this morning.

  27. demonicume
    Member
    Posted 10 years ago #

    i am getting slammed with fake@gmail.com accounts.

  28. drmike
    Member
    Posted 10 years ago #

    Can't really do anythng about gmail unless you want to block them for good.

  29. lunabyte
    Member
    Posted 10 years ago #

    Well, if they are fake though, then they shouldn't be fully signed up, right?

    I'll admit that a good share of users on any of my domains have gmail accounts.

  30. drmike
    Member
    Posted 10 years ago #

    I think demon means that they're just spammers using those accounts and not true users.

    I'm dropping ev1/theplanet IPs into my block list. Hmm, I wonder why. (They've been blocked at the router level for years)

About this Topic

  • Started 10 years ago by drmike
  • Latest reply from indeepdark