Recent Topics

1 Dec 01, 2005 16:19    

Hi

An issue I've quite frequently come across is that a valid URL I want to post is rejected because of its similarity to something on the blacklist. Looking on the forums, others have suggested the option to disable this checking for some/all posts (probably a good idea).

It took me quite a while to find a recent one - the valid URL was interworx.com.au, while the blacklist included rx.com. I spent way too long checking for other combinations. The blacklist does seem over-strict. If a spammer registers n.net or r.com, everything from b2evolution.net, or blogger.com will be rejected. I'd suggest this restriction can be loosened a bit to take into account whether its an entirely different domain (n.com, cnn.com) or just another alias (bugs.spam.com, bugz.spam.com).

Also, one of whoo's brilliant antispam suggestions was to rename the htsrv directory. It's made a dramatic impact on my spam. By adding this as a configuration opton (perhaps even making it compulsory) you'll take the wind out of a lot of automated spam. Currently 95% of installations have the default htsrv - by getting everyone to enter a unique name for this directory when they install b2evolution, there'd be no way to automatically attack this single point.

2 Dec 01, 2005 20:51

I just changed that keyword on the blacklist from rx.com to .rx.com. We're trying to walk the line between too many false positives and too many false negatives. There will always be some of each, though. The ability to disable the checker for certain posts and more informative error messages would both help.


Form is loading...