Closed IanMiddlebrook closed 5 years ago
@IanMiddlebrook
Do you get any bogus emails every day to this imiddlebrook@butterfly-conservation.org address?
@IanMiddlebrook
We now collected the numbers for last four days of sent out emails from our servers. below is the list. Total number of emails sent to imiddlebrook@butterfly-conservation.org on Nov 17 = 171 Total number of emails sent to imiddlebrook@butterfly-conservation.org on Nov 18 = 26 Total number of emails sent to imiddlebrook@butterfly-conservation.org on Nov 19 = 226 Total number of emails sent to imiddlebrook@butterfly-conservation.org on Nov 20 = 132
Hi @Gary-van-Breda
Every time someone registers for a new account (or updates an existing account), an email is forwarded to me (from no-reply@ukbms.org on behalf of brc@ceh.ac.uk ) so that I can link new users to their transects.
So every morning I have to scan through these to find the (~1%) genuine transect recorders, and delete all the new bogus accounts (and any forum entries they've managed to post). Just deleted 150+ bogus accounts this morning, all registered since 17:00 last night.
Cheers, Ian
@IanMiddlebrook
Thanks Ian for responding to this.
Apologize for this inconvenience. In response to this, could I also ask you to send me the email address you receive from?
I will see, if I could resolve this.
Biren
Hi @BirenRathod , I receive them from 'no-reply@ukbms.org on behalf of brc@ceh.ac.uk' . But I don't want to stop receiving these emails - I need to know when genuine transect recorders have set up new accounts. I just want to find a way to stop/discourage spammers from registering on the site. I believe it would help if the forum was not open to public viewing.
Ian
@BirenRathod Please can you do two things:
@IanMiddlebrook, I check on the website. There is no spam account created, so I can't find any spam users there. The only way to find out by looking at their email address or IP address. Just for info: Forum is also under Captcha protection, It needs a user authorisation + Captcha protection.
Hi @BirenRathod - I delete all the spam accounts - that's why you can't see any. But I'm happy to forward them all to you if you don't believe me!
Ian
@IanMiddlebrook I do believe you. This is not about that. You don't need to forward all of them but just couple of them to find out the actual details and any similarity in them.
@BirenRathod I've sent you a sample from this morning - enjoy. Ian
@IanMiddlebrook, thanks. It gives me now clear picture.
@IanMiddlebrook , @DavidRoy
Below steps have done to stop creating user accounts.
Thanks Biren, closing in the expectation that this has resolved the problems
@IanMiddlebrook , @DavidRoy
Since extra measures have been placed, there is only one possible user have managed to create the account. I blocked it at present because its email address looks suspicious.
@IanMiddlebrook , please check if it is legitimate or not, if not please delete it.
Thanks @BirenRathod Been on this morning and found just 4 new accounts since Weds evening - 3 bogus and 1 genuine. Certainly a massive improvement, thanks.
If it helps - the bogus email addresses were jfogaffz@njaklulvd.com , Bridgett-Tallis44@edusath.com & careybookbinderevna@yahoo.com . These accounts have now been deleted.
Regards, Ian
@IanMiddlebrook
Thanks for looking into this and passing me those email addresses. First two can easily block by system and third one I'm blocking by username, so should be narrow it down to get through.
@IanMiddlebrook
All those spam users came from same IP address, so I blocked that IP address.
@BirenRathod Hi, not sure if this is connected/confused with above, but I'm working from home and can't get onto the UKBMS website!
I'm getting: "Sorry, 86.168.175.182 has been banned. "
Please help.
@IanMiddlebrook
Right, that is interesting. Anyway I'm going to remove that IP address now.
Thanks @BirenRathod I can get back on now.
Hi @DavidRoy We've gone back to getting a lot of bogus/spam accounts now - dozens each day that I need to delete. Is there anything we could do to discourage this? It had dropped right off with Captcha, but now we're using a simple sum it's crept back up again.
For example, I'm sure they sign up for the forum, but is there any need for the forum to be visible to people before they login? I can't think of any, so if we removed the forum from the menu until people login I wonder if that would help? Otherwise, could we get rid of the forum completely and just direct people to send their suggestions or requests for help direct to me (probably more efficient, since I rarely look at the forum)?