Other issues in this category (24)
Wednesday, August 24, 2016
The Anti-virus Times' popularity is growing, and, like many frequently visited sites, it is attracting the attention of spammers and trolls. But, for the purposes of this issue, we’re going to talk about professional sploggers.
A splogger (splog – from ‘spam’ and ‘blog’) is an employee of a particular company (this could be a PR agency just as much as it could be an NGO that receives money from foreign sponsors). This person’s job is to post spam messages as comments in blogs and forums, and to provoke heated discussions with forum and blog participants. The splogger’s goal is to publicize a website or an article in order to try to boost their search engine rankings, as well as to promote certain opinions.
Naturally, Doctor Web (like any other site owner) has no desire to see irrelevant and provocative posts on its site. Furthermore, the publication of information that is prohibited by law may result in the temporary blocking of a site that has been attacked by a splogger or force a site's administration to introduce comment screening, which, in the case of the Anti-virus Times, would slow down our interaction with our readers.
How are sploggers able to comment on sites that require them to sign in and validate an email address, as is the case with the Anti-virus Times project?
Naturally, they wouldn't want to send messages from one IP address since that address would be detected instantly and added to a blacklist like DNSBL.
DNSBL is the list of IP addresses that are reputed to send spam. If an address gets onto the DNSBL list and this list is going to be used by a mail server, this server—depending on its settings—can reject, mark as spam, or completely block incoming messages from that address.
Important! DNSBL lists can be used not only to disrupt criminal activity. Criminals can use them to prevent you or your partners from receiving messages from certain addresses. When an end-user (you or a spammer) ends up on a DNSBL list, he/she may not be able to send mail to the server or relay messages through it. If you have problems sending messages to a certain mail server, make sure that your IP address hasn't gotten on a blacklist.
In addition to DNSBL, there is also the real-time black hole list (RBL).
To overcome these difficulties, trolls and sploggers use the following legitimate means.
Temporary email addresses
Temporary email services work as follows. The user goes on a service’s website and gets a temporary mailbox. They then use it to registers on another site where they need to provide an email address or send an email from that address. After that the temporary mailbox is removed. As a rule, mailboxes of this kind expire within several minutes or hours.
A mailbox name can be generated automatically or defined by the user. Trolls particularly like services that provide mailboxes capable of redirecting inbound messages to a regular mailbox.
Important! In addition to a temporary email address, attackers can also get a random IP address to conceal their actual location.
The Anti-virus Times recommends
Don't forget about another useful feature of Dr.Web Security Space that will prevent you from receiving unwanted emails. To take advantage of this feature, in the Dr.Web SpIDer Mail settings, add domain names used to generate temporary addresses to the anti-spamâs blacklist.
To access the settings, click in the context menu; then click on the padlock icon (Administrator mode) and then click on the gear icon (Settings).
Go to Exclusions → Anti-spam. Create a white list (the list of addresses you want to receive email from without checking it for spam). You can also define a Black list (emails sent from these addresses will be blocked).