Dolphin Anti Spam support forum.

This is the support forum for my new product. Dolphin Anti Spam. http://www.boonex.com/m/dolphin-anti-spam

Anyone who installs it and runs it, i would like some feedback on number of reduced spammers after it has been running for a few days.

How many a day before the install, and how many after.

For both of my sites i was getting between between 6-8 per hour or about 120 per day. It is now at about 1-2 per day.

I have also removed the captcha from both of my sites. They are not very effective anyway.

Current market version was just patched to fix a syntax error in the deanoDolphinAntiSpamCron.php

Was just discovered when my cron fired tonight.

I only make this first comment as excited to very soon be an owner of this mod.  While reviewing the available pre sales material I think this looks fantastic. It resembles a very popular stopforumspam api for other popular forum scripts I used to use in the past. 

I only wish to offer one wishlist item if it is within your ability.  My friend deano I mean this in the best possible way but there comes a time in all of our lives when we can no longer attend to our responsibilities. That time is clearly not yours right now because your doing awesome stuff and offering it here for us in the community to take advantage of. With that said is it possible for us who wish to host the database on our own server with update options possible? Even a link to update our database to sync with your own for updates. While that option would be pretty server intensive for those who may timeout trying to execute such a massive update another download option would be nice. This means for those who know how to use phpmyadmin or other popular SQL platforms could update our database manually. In the event in many years to come you are unable any longer support the database we would have a great database existing we could still use.

Taking it even further into the future it would be cool to have the functionality that we could report accounts for spam that are sent to your database. This would be handled with criteria such as once an email or ip address receives x amount of reports from x amount of different website owners it would be updated to the database as legitimate spam once criteria is met. This would enable live reporting. We also face the issue that if your server is making checks against our joins that your server could become overwhelmed. Even in the case your server was down for issues out of your control our join forms would time out with no successful join (unless you are coded around that).

I look forward to picking this up soon. Really looks great.

Thanks

As it works now you start with a empty database. It polls mine to begin building yours. Thus it builds a local database as it polls information from mine.

I have it do this for a couple of reasons. As your database builds up it takes the load of of mine and it also provides a means of still being able to do lookups if my server goes down for a short time which will occasionally happen. Joins do not stop when the central server goes down. There is a built in timeout so it will not stop the process. So yes, i have coded around that.

There are still a number of plans for the future such as mirror sites so the Central database is hosted on more than one server as well as key word, Bayesian and other types of spam filtering methods.

The longer the product is in use, the more kinks will be worked out and the better it will get.

Thanks for the ideas.

I never got back to you to say thanks for this reply. I just purchased. My first impression is wow! The simplicity is beautiful for how effective this is going to be. This is the best anti spam mod ever for dolphin. Integrating a small portion of this into the default contact form to block submissions of guest identified as spammers would be a cool extra.

Thanks Deano!

P.S- If I accidentally click to flag one of my existing members as spam by accident will I get a prompt asking "If I am sure?"  before deletion instead of instantly losing the members account? Or can it also be instantly restored if this mistake is made up to 60 days?

There is not warning. I will put that on my list. Developers tend to miss stuff like that.

If you do delete it, you can get it back. At least partially. Only the profile is backed up. Photos, avatars, ect will be gone. But finding the profile in the spam list to restore it may be a problem.

Tons of improvements to come. Search features for those sections are in the works to make finding the profiles easier.

More filtering methods and techniques are also planned.

It will keep getting better.

Awesome Thanks! Look forward to it.

Somehow I have just Locked myself out of my whole siyte after installing this mod , It works to well....lol , I have like three different test accounts on here , all from the same IP address ....so anyone in my hose that uses my site can not get on the site .

I used my phone to get on the site and was able to do this because the phone has a different IP address  I went in and set the last test account I made as "Not Spam" but still can not log in with my (Admin account) .....Need to know what need's to be done to correct this problem.

@grim... I use HostForWebs. When that happened to me, I contacted them and they went in and reset my password.

You do not even have my anti spam mod. So your apparently misunderstanding the issue he had here as it has nothing to do with a password.

Issue has been resolved. Needed to remove his IP address from the block list.

@grim. As i discover things i will be making improvements. Ways to more easily deal with situations such as this are being worked on.

Hi

I just install it successfully.

how can I run it to detect the current spammers whom already registered on my site?

Sorry. You can't. This quoted from the products description page.

"Also. As this is a join filtering system, it does not monitor any other part of the site."

It detects on join. It has to be able to look up their current ip and other signup information in the database. Best you can do is manually mark them from the non-spam account section of the mod.

I have about 20,000 spammers.

is there any way to mark theme as spammers but not 1 by 1

let say by domain for example all those have @163.com or so.

even a query from phpmyadmin or something like that, please help.

No. Bulkk flagging was not added due to the high risk of flagging a non spam account by accident.

Any method done via phpmyadmin will not work either because it will not fully remove the account leaving information in the database.

I will see if i can make a script that will allow you to purge by email address. But it will delete the account with no way to recover them. So you will have to be careful what emails you use it on. It will have a high risk of deleting real accounts.

To get them cleaned up your better of just using the member section in dolphin. In there you can check multiple accounts at the same time and delete them from the system.

This looks like another quality product from you Deano and I hope you don't take offense to these questions.

The problems I see right off the bat are the same as in my industry. Some peoples junk is another's treasure. It's the same issue I have with most spam systems. Although they mean well and do manage to stop most spam, they also stop a small percentage of good information as well.

It's the same here. Your spammer might be my new user. How is the information that's added to the aggregates database managed? In  other words, what if the users of your product start marking people as spammers who really aren't and they are blocked from entering other users sites?

Spam control has been the most complicated issue since the inception of the net. I've been on the net since before it even existed. (remember the old dialup BBS's?) Even back then, it was a major problem.

The concept is a good one and I hope it plays out but just for informational purposes (and again, I reiterate, not trying to start a fight. Just need to know) I would very much like to hear how your system deals with the issues I've presented here.

 Your right. It is a very complex issue. And not a easy one to deal with.

When an admin blocks a user the ip address along with the email and username is sent to my central database. That information is held indefinitely if the submission is regularly seen In other words flagged often. Ip addresses are only held for 14 days due to their dynamic nature, email and nicknames held for longer. Usually 90.

IP addresses are the only thing that will block visits to the site, so that would only exist at most 14 days then they could try to signup again.

But your right. When a admin flags a user it will be blocked for at least 14 days from other sites as well because of the IP block so it could be a potential problem. But unlikely.

If you noticed the question above about marking previous accounts in bulk. Well this is anoher reason it's not in there. People will abuse the system and mistakes will happen.

I plan on taking the manual flagging and submission out of the picture in one of the upcoming versions. In the new version my central database will be populated by honeypot sites. Local flagging will block in the local database only in future versions. I am still building the honeypot system and sites so that is not available yet but the honeypot will be the ideal solution as the sites used for this are unadvertised and would only be found by deliberately looking for dolphin sites. These honeypot sites will be on the net for the sole purposes of letting spammers join just so they can be used to populate my database.

But yes. I have thought of the potential problem that exists when you let people flag accounts as spam. The honeypot system i am setting up should solve that.

 Thanks deano,

I think I will do it as you said by "using the member section" and delete them

keep up the good work ;)

I like the honeypot idea. Have you thought about adding another level? Say a rotating human question system? When I added the human question to my site, it virtually stopped all spam. It worked so well in fact that I no longer used the captcha or the domain blocker system I had....

I am looking forward to giving your mod a go...

I used a human question on my site for quite some time. So i considered it, but i am trying to do this without the need of any join form changes or even the need of captchas.

Version 1.0.2 Released.

Fixes.
03-15-2013 - Fixed bug with cron purging of old data.

New Features/Enhancements
03-28-2013 - Added auto whitelisting of admin IP addresses.
03-28-2013 - Allow login from admin backend so admins can still get in if ip was blocked.
03-29-2013 - Change log from 365 days to 7 days. To much data. Performance problems.
03-29-2013 - Create new stats system. Old one relied on logs. New one does not.
03-30-2013 - Change desc link check to allow images jpg, png and gif links.
03-31-2013 - Added date to Spam and Non-Spam listings.
03-31-2013 - Added sorting by Nick, Email and Date to Spam and Non-Spam listings.
04-01-2013 - Added search to Spam and Non-Spam listings.

For some reason I did not see how i could sort listings or search listings after updating? I did see the log time go to 7 days though.

If your pages do not look like what is the products screen shots then the update did not take.

Uninstall, delete the folder modules/deano/dolphin_anti_spam

Reupload and reinstall.

 Yes, I agree.... I won't try to help anymore. Sorry... but even after rereading the post, it still sounds the same to me. 

Amazing how stubborn the cache was on this. Even after uninstalling / reinstalling and hard refreshes the new version still displayed as the old one. Cleared the cache. Everything looks great Deano thanks.

Just installed & tested & it works great.

All I did was remove a couple of the domains you were blocking such as msn.com & yahoo.com. I added mailnesia.com since this is where most of my spammers were from.

Do I need to do anything else to set up the autoshare portion or is that just working in the back ground?

Do most ppl just  leave the default error msg as they are.

 
No other settings are required to share. It's done automatically as you mark members as spam. The sharing to the database will be replaced eventually with a honeypot system i am working on. It will be more accurate than manual marking.

The default messages can be changed to what you want. I think most people leave them as they are. I choose those because i believe you do not want to tip spammers off that you have blocked them. It only makes them try harder if you actually have humans doing it. Most are bots and won't notice the messages.

A new version will also be released in about a week or so which has even more improvements.

This filtering system will be updated regularly to make improvements to keep up with the spammers tricks, so you should keep a eye on updates or subscribe to this topic as i post update announcements here.

If you like the product, please consider posting a review in the market entry. http://www.boonex.com/m/dolphin-anti-spam

I had used firefox to test this out & tried to log in with a bad email address. Now I seem to be locked out of my site from firefox. I can get in from chrome. In firefox, the main screen says the site is down for maintenance. I am not logged in. It won't let me login or join. I tried to clear the cookies for my domain in firefox, but still cant get in. Again, it works fine in chrome.

Yea. First off, testing with your own ip address is a bad idea. So don't do it again.

Go to the admin back end. yoursite.com/administration

You should be able to log in as admin from the back end, and as soon as you do it should white list your IP.

It also does not make sense that chrome works but firefox don't. It blocks by ip address, not by web browser, so i don't get that.

If that does not work. Then in phpMyAdmin run this query.

TRUNCATE TABLE `deano_dolphin_anti_spam_ip`


And don't test from your own computers or IP address.

Logging in as admin fixed it.

At least now I know how well it works. thanks

How do I actually send someone to spam so they are added to your list? I looked for that option in the members section & within this module. I also looked on the person profile activation page. I can find any way to do that. 

It's shown in the product screen shots on the market page.

Go to the Non-Spam account page. Click Show Details next to the account you want to mark as spam. The details will expand and there you will see a mark as spam button.






You seem to have deleted the rest of your last message. But i will answer it for future reference because it will come up again.

No the filters will not catch every single occurrence 100% of the time. Spammers some how can find ways to slip by and that is one of the reasons spammers are so hard to deal with. In some cases they are as bad as hackers. They find ways to slip by filters. And i am always trying to figure out how.

Hello Deano,

 I do not know what happen but at about 12:44am to now I am getting nailed with database errors. I have hundreds of them this morning.. The emails are very log so will only past up to the debug part:

Database error in Chamber Theory

Query:

SELECT `timestamp` FROM `deano_dolphin_anti_spam_ip_whitelist` WHERE `ip` = ''%22' LIMIT 1

Mysql error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' LIMIT 1' at line 1

Found error in the file '/home/chambert/public_html/modules/deano/dolphin_anti_spam/classes/deanoDolphinAntiSpamDb.php' at line 230.
Called 'getOne' function with erroneous argument #0.


Debug backtrace:

Thats fine. Nothing below the debug backtrace is needed anyway.

You will need to try uninstalling and then reinstalling the module.

Ok will do that Tonight when off work. Thank you

I may have a patch out by later tonight. If not then by tomorrow.

The dolphin function that gets a visitors ip address is not returning a proper ip address in your case which is what is causing the error. Seems you got someone trying to alter the browser headers to get around any ip filtering.

I will work on a fix to detect that and release a new version.

Ok Thank you Deano..

Hey quick question.. Is it even good to ban Ip's? I mean most Ip's change every 24 hours. So the next one that gets that Ip and trys to join will get blocked. I right now have over 2800 IP blocks in two days? Is there anyway of stopping the IP blocking?

 
No. The IP is needed. It is the only way to determine who is visiting. And yes, i am aware that ip addresses rotate and auto purging of old IP addresses is automatically built in. And 24 hours is incorrect. It takes longer than that for a ISP to rotate a ip address. Read this. It varies drastically. http://www.broadbandreports.com/forum/r27122845-How-long-does-dynamic-IP-usually-last- Mine for example will not change unless i reboot my router. The spam software only holds them for 7 days.

Anyhow. Don't worry about it. I have already taking that into consideration and the software automatically takes care of it. The bans on the ip's are not permanent. They are temporary bans to slow down the spammers attempts to create accounts.

I have been working with spam prevention in various areas, mostly email for over 10 years. I have gotten pretty good at slowing them down.

Ok.. I believe yea.. Just thinking of the chances of a real member getting the IP of one banned.. Then the site loses.. I sure would not go back to a site that banned me for a IP someone else had.. Just saying.. Not cutting the mod down at all.. Just think with all the blocks I have, how many were true. But if I un-install the mod I get attacked bad.. LOL.. So All is good.

Hi There,

I would really like to thank you fro this roduct it's amazing, however I am recieving this error constantly:

Mysql error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 't going to like it the way she does but what she actually likes carrying out is ' at line 1

Found error in the file '/home/****/public_html/modules/deano/dolphin_anti_spam/classes/deanoDolphinAntiSpamDb.php' at line 202.

Called 'query' function with erroneous argument #0

Do you know how to fix this? If you need I can message you the full error.

Thanks

If it did occur, it would be very rare. Highly unlikely because they are not permanent bans.

Need your to go into admin->Tools->Host Tools.  What is the status of the magic_quotes_gpc setting. And yes, message me the full error.

But i have a feeling php is not properly setup with that option per dolphins requirements.

Also, my records show your purchase was back in march. Have you been keeping it up to date? The current version is 1.0.2.

 EDIT: Yes I have already had 1.0.2, and am still getting the error, I will message you.

For reference: magic_quotes_gpc is off, which is ok with dolphin.

Ok. I had planned on releasing a new version sometime tomorrow. I will see if i can get a fix into the new version.

If it's happening frequently, then try this patch.

Edit modules/deano/dolphin_anti_spam/classes/deanoDolphinAntiSpamDb.php

Look for this.

    function profileBackup($iProfileID, $sNick, $sEmail, $sData, $iSpam = 0, $iDeleted = 0) {
        // Remove this line in a few months after a few updates have been done.
        $this->checkProfileTable();

        if (!get_magic_quotes_gpc()) {
            $sData = mysql_real_escape_string($sData);
        }
        $sTime = time();
        $sQuery = "INSERT INTO `deano_dolphin_anti_spam_profiles` (`id`, `nick`, `email`, `spam`, `deleted`, `data`, `timestamp`) VALUES ('$iProfileID', '$sNick', '$sEmail', '$iSpam', '$iDeleted', '$sData', '$sTime')";
        $this->query($sQuery);

    }


Replace with this.

    function profileBackup($iProfileID, $sNick, $sEmail, $sData, $iSpam = 0, $iDeleted = 0) {
        // Remove this line in a few months after a few updates have been done.
        $this->checkProfileTable();
        $sData = stripslashes($sData);
        $sData = mysql_real_escape_string($sData);
        $sTime = time();
        $sQuery = "INSERT INTO `deano_dolphin_anti_spam_profiles` (`id`, `nick`, `email`, `spam`, `deleted`, `data`, `timestamp`) VALUES ('$iProfileID', '$sNick', '$sEmail', '$iSpam', '$iDeleted', '$sData', '$sTime')";
        $this->query($sQuery);

    }

Look for this.

    function updateProfileBackup($iProfileID, $sData) {
        if (!get_magic_quotes_gpc()) {
            $sData = mysql_real_escape_string($sData);
        }
        $sQuery = "UPDATE `deano_dolphin_anti_spam_profiles` SET `data` = '$sData' WHERE `id` = '$iProfileID'";
        $this->query($sQuery);
    }

Replace with this.

    function updateProfileBackup($iProfileID, $sData) {
        $sData = stripslashes($sData);
        $sData = mysql_real_escape_string($sData);
        $sQuery = "UPDATE `deano_dolphin_anti_spam_profiles` SET `data` = '$sData' WHERE `id` = '$iProfileID'";
        $this->query($sQuery);
    }

See if that clears up the problem.

Version 1.0.3 released. http://www.boonex.com/m/dolphin-anti-spam

Change notes below.

04-10-2013 - Added keyword blocking.
04-11-2013 - Started work on honeypot system.
04-13-2013 - Added H1-H4 tag blocking.
04-13-2013 - Added Han/Chinese character blocking.
04-14-2013 - Improve link/domain checking in profile desc/head.
04-18-2013 - Added bot detection.
05-03-2013 - IP detection bug. Dolphin function getVisitorIP not always returning a valid IP. Wrote my own function to replace it.
05-03-2013 - Changed way escaping of backups done. Trying to solve quote problem on some servers.
05-04-2013 - Improved stats section.
05-04-2013 - Released version 1.0.3

Thanks for getting out this new release, and including the fix that you provided me last night in the new update. I really do appreciate the hard work, and every dolphin owner should buy this plugin. 

I wish.

Wishlist Item:

Ability to backup and restore table data and structure just for Dolphin Anti spam within the modules admin panel. This would be easier than doing this the manual way. Just something that restored all the users you had listed as Spam users. This way it would not be blank after every update from losing the data.  I know now how to do this manually but it would still be pretty helpful to have on hand to keep me out of phpmyadmin.

As well thank you for the recent update.

I did not realize my wishlist item was already built into the dolphin tools section. I've never used it before other than entire database backup. Which table do I need to back up and restore before and after updates?