step one: upgrade to dawn. It's a lot better at the spam game, but it won't help you clear out your polluted hitlogs. no matter what else you do, v10 isn't good anymore unless you patched it with the xml-rpc security patches. Even so, upgrade because dawn is shiny and new and stuff.

step two: make sure you have the fullest most complete up to date antispam list by clicking the link in your back office several times - you're done when you get only one response that says "not needed already handled".

step three: take the bull by the horns. On your stats tab go to the summary subtab and just start whacking days from the log file. never mind one smarmy keyword at a time - just start dumping days.

alternative to that is to use phpmyadmin to 'empty' the hitlog table. If you're comfortable in there it's quick and efficient, but if you don't mind pointyclicky using the summary subtab will get the job done.

step whatever comes next: each time you post update your keyword list. each time you want to ban/delete/report another spammer update your keyword list first. each time you just happen to wonder about it log in and update your keyword list, and ban/delete/report anything icky in there.

Oh by the way I'm pretty sure every one of those displayed in the screenshot would have been blocked by the full complete list. Lotsa drug names are part of the list. phentermine has like a million different websites pushing it, and they're all blocked by one keyword.

Thanks for the help :) Am downloading Dawn now, and am looking into how to ban with keywords, to avoid worse while I'm working on the update.

the antispam tab is your keyword buddy. Everyone calls it the antispam list or the blacklisted domain list, but it's really a list of keywords that can't be linked, part of a referer's website, used as the website of a commenter (or trackbacker), or even used in comments.

vioxx.spammysite.com could be a keyword, but so could vioxx. vioxx all by itself will catch many different sites, so it makes more sense to use one really good keyword than many very specific ones.

By the way currently there are ~3200 keywords in the antispam master list.

That ought to take care of them. Some seem to not be banned, even though they match one or more keywords (well, according to me. phentermine.ysdn.org, for example, matches both phentermine and ysdn as keywords, but still shows)

Also, Dawn's finished downloading. Can I just upload the files over the current ones, or would that break anything/be unsufficient?

Edit: Got all of the filth out now :) Now it's just a matter of updating everything.
Edit: Didn't see that 'bout the installation script. If that one requires the login and password to the dbase, it'll have to wait til tomorrow (I don't know that, but my host can look it up, which's tomorrow)

You could download your current conf/_config.php file and transfer the critical information from it to _config.php in your dawn package. It's only or 7 lines: 4 for the database, one for your baseurl, one for your top-level email id, and one that says "config_is_done" becomes a 1.

After that you run the install thing and check the box for 'upgrade from a dusty old moth-eaten version of b2evolution that was new just a little while ago'. It'll leave all your actual content alone and tweak the database in minor ways.

I usually delete everything on the server before uploading the newer version's file. I think it's recommended. At the very least it avoids having older un-needed files cluttering up your server space. I also unzip on my desktop - a habit I thought was the only way until I learned you can unzip on your server. Sounds like I dunno what, so I live in my comfort zone.

All done. Moved the old files to a different folder, loaded up the new files, ran the install, using my existing database, changed permissions for _config.php and everything went fine, then deleted the install folder and the backup... and everything still went fine :) Let's hope this'll keep the spam away now. Thanks for all the help :)

Quick side-question... is it possible to put in links to other sites in the side-bar without hardcoding each link? Been looking for a plugin like that for some time, but haven't found it, nor did I find any feature that did that.

Not related to the nature of this thread or forum so I'll give you a quickie on it: your linkblog is what makes links in the sidebar (in most skins). You make a blog, post titles and urls in that blog, and tell your other blogs to use it as your linkblog. I don't know if your skin supports it, but if not searching the documentation how-tos and forums will certainly help you add one to your skin.

Short answer: it's possible and easy.

Figured it out. Linkblog was they keyword I needed. Still's not all too clean, but it's functional... and the bloody spam's gone. Cheers!