Porn Spammer hit my forum

I think you guys are getting a little bit too paranoid.

The person who owns those box's and supplies those free email services probably isn't the one who is spamming ..

If I was him (or her), I wouldn't use the E-mail addresses I 'own' myself. But like the spammer, goto some free service, where you can sign up with some fake info. And enter spam-bliss-heaven.

The one to contact is the person in charge of the abuse department of HotPop/BonBon/Etc .. they will see this is not a normal way of 'spamming' their stuff. And hopefully assists in removing those accounts. If they disagree and allow such spam, they wouldn't have put up those big letters of anti spam policies etc. If they do agree on users spamming like this, then if you contact the hostmaster for those dns services, they might have a different thought about antispam policy and maybe indeedio suspend this user's services untill he has resolved it. (There is always a bigger fish).

Don't be too paranoid, and google is just a search engine. A result doesn't mean it is THE result you want. Just report through the appropiate channels and have all info in there, check that other thread on the abuse emails and have a go at it.

No, it's jerky (without the "e")!

Turns out all those domains (BonBon, GameBox, and hotPOP) are free e-mail services run out of Jerky Network Services. So the perp can be sitting anywhere (off shore, who knows).

It looks like Jerky's Internet access provider is verio.net, which has an abuse-reporting e-mail ([email protected]).

No reply yet from Mr. Shoemaker ...

Geez, you all are fast! Corrections already posted.

I wouldn't expect Jerky/hotPOP/BonBon/GameBox to have an abuse "department"--looks like a low-rent operation.

Here is a little something else about Mr. Shoemaker from back in July 14, 2000:



Andrew Shoemaker (DBA Jerky Networking Services)
61 Prescott St. Newton, MA 02460 USA

this address actually comes back to Newtonville, MA, and guess what... it's an apartment complex also! It it pretty close to Boston College's Newton Campus

Also, this is directly from Jerky.net's General Cover-Our-Ass Disclaimer (their words) at http://www.jerky.net/legal.html

Lawful Use

Jerky.Net's system and services may only be used for lawful purposes and in a manner which Jerky.Net believes, in
its sole discretion, to be consistent with the rights of other Jerky.Net subscribers and third parties. While Jerky.Net
is not responsible for the content of hosted Web Sites, content on all Jerky.Net hosted Web Sites must comply
with all laws and must not infringe the rights of any third party. Jerky.Net's services and system may only be
used for lawful purposes and consistent with all rights of other parties. Without limiting the foregoing,
Jerky.Net's services and system shall not be used in a manner which would violate any law or infringe any
copyright, trademark, trade secret, right of publicity, privacy right or any other right of any person or entity
or for the purpose of transmitting or storing of material which is obscene, libelous or defamatory. Use and
access to other networks through Jerky.Net's system must comply with the rules for such other networks.

Pulling back a bit and looking at the big picture (i.e., preventing future instances), I'm wondering whether you all have seen how Yahoo Groups prevents automated registrations. During the reg process, you're shown a graphic with a gnarly background and a semi-concealed word. You have to type the word in. Presumably only a human could do this.

I know this isn't the place to propose an enhancement, but would that be a reasonable approach in vBulletin?

http://www.vbulletin.com/forum/show...?threadid=65126

It's already there for the people who have the capabilities!
Here's what it looks like

This has already been implemented in vB 2.3.0 RC 2

Clock up another hit......

I was hit by georgesltd56 this morning - first one I've had (and hopefully the last.... I'll be keeping an eye on this thread and my new members....)

Good grief! Thanks. I just upgraded to v.2.3.0 this morning. (So that's what "image verification system" means. )

georgesltd56 was the last to hit us, too. My one board's been hit several times over the last few days, my other board hasn't been hit once, weird.

Looks like the image verification hack is the best way to go right now. I know what I'll be doing tonight

Good news,since installing the Image verification on v 2.3.0 RC2 (have now upgraded to RC3),i have had no more bots registering.

Infact i have just had one online trying to reply to threads,but he obviously couldn't get past the registration process.(see screenshot here )

Thanks goes to the vb devs for implementing this verification process in the updated release candidates so quickly.

yeh i got so many hacks and template mods i dont wanna upgrade
cuz its a pain

so the hack for me saved my board , i had 15 guests online at one point
so it was a surefire way to know that its working am very happy the problem kept at bay

Add me to the list of those who have been hit. george, bro and yummy hit my forums. I have banned all the IPs listed and known names listed in this thread. I am either going to do the image verfication hack on vb.org or I'm going to upgrade to 2.3.0 RC2. Those seem like the only surefire way to stop it.

I'd go for RC3 if I was you

First I would like to thank the VB Team for the fix for this. This is a top quality product and the support is the best!

I have 1 question my ver of PHP does not support GD and as I understand with GD this fix will not work at all correct? Also I am in the middle of researching upgrading my php ver have never done this because my site has been bulletproof but if I do this am I risking any data lose or corruption due to the upgrade of PHP thanks agains everyone