This is the v3.5 version of vbSpamBuster (https://vborg.vbsupport.ru/showthread.php?t=76756) that I wrote for vBulletin v3.0.x This version adds some new features.

What does it do?
It spots posts that could potentially be spam then (depending on option settings) creates a thread alerting site admin/moderators about the post and/or hides the post from view.

How does it identify the spam?
All off the posts for users with a post count of less than 10 (configurable) have their posts checked against a number of rules. Each rule has a different "score". If the total score for the post exceeds a specified limit then the post is deemed to be spam.

Can I add my own rules?
The installer file has a default rule set with it, you may wish to customise the rules in the options section of the AdminCP. The rules system is fairly simple to add to, in simple terms each rule is a perl regular expression and a score.

How do I install it?
Import the product via the Product Manager in the AdminCP. The options group and plugins will be added to your system. Now would be a good time to click the install (https://vborg.vbsupport.ru/vborg_miscactions.php?do=installhack&threadid=109258) link on here to record the fact that you've installed it.

How do I configure it?
Head to the "SpamBuster" option group in the "vBulletin Options" section of your AdminCP. Fill in the relevant fields. Further documentation will follow but it should be obvious what each setting does for the moment.

How do I upgrade?
Just run a regular install. It's worth backing up your settings particluarly the rules before performing the upgrade. If you're upgrading from v0.3.2 to v1.0.0 you can just download the attached rules file and add it via the admincp as there have been no code changes.

How can I test it?
Try posting a new thread/post with some trigger values in it. The string ekmas.com should do the trick.

Help it's broken my forum!
Erm, that's not an intended feature. Disable all six of the plugins that are part of the product "SpamBuster" and post an error report to this thread. The forum will work fine.

Why doesn't it do x,y or z?
Because I've either not thought about it yet or I've not written it yet. Please drop a post into this thread with any (sensible!) suggestions.

Can I use it commercially?
You're free to use it for whatever purpose comercially/privately as long as you don't resell the code. It's released under the LGPL, see the link below for futher info. If you find this plugin useful and you'd like to make a donation please use the "donate" button below.

https://vborg.vbsupport.ru/external/2010/02/12.gif (https://www.paypal.com/cgi-bin/webscr?cmd=_xclick&business=james%2epaypal%40jump%2daround%2ecom&item_name=SpamBuster%20Hack&no_shipping=0&no_note=1&tax=0&currency_code=GBP&bn=PP%2dDonationsBF&charset=UTF%2d8)

https://vborg.vbsupport.ru/external/2010/02/66.png (http://creativecommons.org/licenses/LGPL/2.1/)
This software is licenced under the CC-GNU LGPL (http://creativecommons.org/licenses/LGPL/2.1/).


Changelog

15th June 2006 - v1.0.1 - Updated list of rules uploaded as a text file
6th April 2006 - v1.0.0 - Stable release: code remains the same but the rules file has changed.

Nice job. :)

nice work, ill let you know how everything goes once I install it.

will wait to get out of the beta stage...awsome hack and idea :)

did you upload the hack yet?

When this goes final I will install it

great idea, its should be a default vbulletin option

After lots of testing I only put this live on the forum I admin an hour or so before posting it on here last night.

As a precaution I'm running it so that it creates spam reports but doesn't delete the spam.

It caught its first spam post about an hour ago and I'm happy :)

I will add this forsure once out of beta, thanks for working on it!

hides the post from view.

what exactly is hides from view? admins and mods can see it in its original state inside the forums or is it actually moved or deleted? we have a post quarentine in our admin section, i;d like to see it configurable to automatically have it moved to a specified forum where we could either delete it or move it back to the forums if its not spam

what exactly is hides from view? admins and mods can see it in its original state inside the forums or is it actually moved or deleted?

It's "visible" flag is set to 0 just like a post that's been moderated. It's similar to a soft delete.

Admin users will see the thread/post but regular users (including the poster) won't.

I think that's a better solution than permanently deleting it or moving it elsewhere :)

Working well thank you..

Me clicks install :)

Installed!!! This is a hot mod! One problem, it didn't work at all LOL I realize it's only beta.

We tried 20 different styles of spams

Here are my settings:
(Yes we have a police user)

Installed!!! This is a hot mod! One problem, it didn't work at all LOL I realize it's only beta.

We tried 20 different styles of spams

Here are my settings:
(Yes we have a police user)

Those settings look fine.

Are the plugins all enabled?
Do the user(s) you're making test posts with have a post count lower than 20?

Nice Job M8 ;)
Works Fine on 3.5.X ( All of Versions ) for me ;)

umm is it possible to change redirect page for Moderated Threads to Forum , not thread ?!

umm is it possible to change redirect page for Moderated Threads to Forum , not thread ?!

Good plan - watch this space...

Hi UK,

THanks for replying! Yep, user has loser than 10 posts.

IN fact, when I posted my original post, the plugins were NOT enabled. But I have since enabled them and tested it with urls, the word "FREE" etc...still NOT working :(

If you want, PM me and I can give you some access to assist us.

Thanks!
Those settings look fine.

Are the plugins all enabled?
Do the user(s) you're making test posts with have a post count lower than 20?

THanks for replying! Yep, user has loser than 10 posts.

Thought I'd quote this before you had a chance to edit it :)

I'll drop you a line Sunday/Monday when I have a chance to look at it.

Thought I'd quote this before you had a chance to edit it :)

I'll drop you a line Sunday/Monday when I have a chance to look at it.

hahaha
OOPS, Loser. Now that is funny since I am the testuser lmao

Thanks, I'll look for your pm

another suggestion
isnt better to match all cases using strtolower?

Most of the regular expressions have an /i at the end of them which means they're case insensitive. A few in the rule file don't (some intentionally, some unintentionally!).

TIA
another one:P
how to add a rule for exact match ?
possible with this plugin?
if yes goto 1 :D else goto 2
1: which Rule ?
2: waiting for ur next update ;)

If you want to match "New York" you could match against the perl regular expression /new york/i or /New York/

The i at the end makes it case insensitive.

TIA again ...
im using this hack for Auto-Moderating Threads/Posts by keyword :)

for example: i just want to add a rule for "Test" but not "Testing"
how to ?~

TIA again ...
im using this hack for Auto-Moderating Threads/Posts by keyword :)

for example: i just want to add a rule for "Test" but not "Testing"
how to ?~

I think that /[\W]?test[\W]?/i will do the trick but that's untested. You're best off reading up on perl regular expressions. http://www.google.co.uk/search?hl=en&q=perl+regular+expressions+tutorials&meta=

v0.3.2 released

- when a user's thread is removed the user will be redirected to the forum index
instead of getting an "invalid thread specified" error

Thanks for the update......

The set up worked for the first time today, but when i try to validate it, i recieve this error: Fatal error: Call to undefined function: sb_test() in /home3/hotwheel/public_html/forums/includes/class_dm_threadpost.php(728) : eval()'d code on line 1
Is there something i can do to fix this error?

I uninstalled it for now........

Are you sure the global_start plugin was enabled?

*clicked install*..still don't know if this is working though :p

I'd love to see further progress on this and a stable version before I install it. It's a real need on my type of forum to have anti-spam measures in place and this is most probably the best idea yet to prevent spam from hitting the boards.

Does this pluginn adds stress tho the server??
Thanks...

Help it's broken my forum!
Erm, that's not an intended feature.

Priceless

OK this is my first time trying out a Plugin or a Hack of any kind...

I can't get it to work...

I followed the instructions and it doesn't show up or do anything to new members post with ekmas.com in it...

QUESTIONS:::::::
1. It says it uses PLUGINS am I missing a required plugin..??

2. I am using the Latest version available: 3.5.4 is this the correct product for that version..??

3. Do I have to edit the product first before importing it..??

Just trying to get the SPAMBUSTER WORKING.. before I open the new forum...

Thanks for the help in advance..!!
:banana:

Does this pluginn adds stress tho the server??
Thanks...

I've not done any benchmarking but it shouldn't add much.

Checks are only performed when a user posts or edits a post and then only if their post count is below the post count threshold.

I'd be surprised if the addition of this hack resulted in performance problems.

OK this is my first time trying out a Plugin or a Hack of any kind...

I can't get it to work...

I followed the instructions and it doesn't show up or do anything to new members post with ekmas.com in it...

QUESTIONS:::::::
1. It says it uses PLUGINS am I missing a required plugin..??

2. I am using the Latest version available: 3.5.4 is this the correct product for that version..??

3. Do I have to edit the product first before importing it..??

Just trying to get the SPAMBUSTER WORKING.. before I open the new forum...

Thanks for the help in advance..!!
:banana:

You should just be able to make it work by following the instructions in my initial post.

There's some general reading on plugins on the vBulletin site http://www.vbulletin.com/docs/html/ that might be of interest too.

If you have any specific questions please include more details and I'll try to help out.

Are you sure the global_start plugin was enabled?
I am pretty sure everything is set right.........I reinstalled tonite and once i get another spam hit, i will let you know the results.......thanks for your help

I am pretty sure everything is set right.........I reinstalled tonite and once i get another spam hit, i will let you know the results.......thanks for your help

You can test it by creating a new user in the admincp and then posting a spam message using that account.

I've been fine tuning my rule file and find that most of the spam posts on the forum are being caught at the moment with only one "false positive" since it was installed.

I'm really keen to hear from other users about how you're finding it, what features you'd like to see and any other feedback. Thanks :)

awesome plugin... cant wait til out of beta. will click install til further releases

Stable release v1.0.0

sounds pretty cool, i'll give it a try

What is this gonna catch UK jimbo? # Other string based stuff
regexp:a_pochrist:10:any:"/thepassionofthechrist/i"
regexp:t_feelsad:10:title:"/This picture may make some of you feel sad/i"

What is this gonna catch UK jimbo?

More spam, just not commercial.

Google search results (http://www.google.co.uk/search?hl=en&q=%2B%22This+picture+may+make+some+of+you+feel+sad %22&meta=)

Major problems.

Installed this hack and then found out that posts were going into the moderation section. When I try and validate any of the posts I get this error:


Fatal error: Call to undefined function: sb_test() in /home/xxxxxxx/public_html/includes/class_dm_threadpost.php on line 731


Line 731 reads: $return_value = true;

Now......

I have removed this hack via the product area and the error still appears even though the hack has been removed.

Any ideas how to solve this please.

Laters

On the manage plugins page ensure that any spambuster plugins are disabled.

What version of vBulletin are you using?
Was this an upgrade or a new install?

1: There are no plugins or products in the manage products area (removed) so Im unable to disable anything.

2: Version 3.5.4

3: New install

Laters

Problem found and solved.

Although I removed the spambuster plugin, there are still entries in the class_dm_threadpost.php file that the plugin did not remove.

I manually removed spam edits.

Laters

Very strange, this is a function of vBulletin not the plugin, if you can replicate it I suggest you open a bug with them.

The first thing I said was: "On the manage plugins page ensure that any spambuster plugins are disabled."

I'm guessing that one of the 130+ plus plugin hooks installed on your forum could have conflicted with it.

Problem found and solved.

Although I removed the spambuster plugin, there are still entries in the class_dm_threadpost.php file that the plugin did not remove.

SpamBuster is a plugin, it doesn't change the code in any of the installed files. I suspect you're running some kind of vBulletin add-on that handles plugins differently to normal. It looks like that plugin malfunctioned on the uninstall.

[5 mins later]

I've just done some searching and I'm pretty sure that this plugin is the culprit. https://vborg.vbsupport.ru/showthread.php?t=107315

The problems you were seeing were not related to SpamBuster at all.

Removed my 3 posts.

Reason: Dont want to confuse users.

My problem was: Plugin Accelerator
Fix: Disabled Plugin Accelerator, reinstalled spambuster and my error has gone away.

Laters

Thanks :)

wow great work :) Getting tired of spam post

What if I want to grant a link without it being reported, only to select users/posts? How would I go about this?

What if I want to grant a link without it being reported, only to select users/posts? How would I go about this?

I don't understand the question could you describe what you want to do in more detail please?

Jimbo -

Great product! I have just a few questions:

1. I have it set to post to a spam thread if spam is detected, and to hide the spam post from view. Now say I find it is not spam. Is there a way to allow it to be shown (un-flagged as spam)?

2. When a spam post is hidden from view - you can still see the thread. Is that the way it is supposed to work? For example: SPammer starts new thread with his message, it is flagged as spam - so the message is hidden, but you can still see the thread link in the forum.

3. Is there a way to make your list catch a regex item more then once. For example: "http://" is in a message 20 times (obvious spam post) but the regex only caught the first http:// - so it only recieves 5 points. I want it to have 100 points (5x20).

I think that is all of my questions so far. This is exactly what I needed! Great Work!

Jimbo -

Great product! I have just a few questions:

1. I have it set to post to a spam thread if spam is detected, and to hide the spam post from view. Now say I find it is not spam. Is there a way to allow it to be shown (un-flagged as spam)?

2. When a spam post is hidden from view - you can still see the thread. Is that the way it is supposed to work? For example: SPammer starts new thread with his message, it is flagged as spam - so the message is hidden, but you can still see the thread link in the forum.

Hi SA.

The post is flagged as "unmoderated" this means that administrators/moderators can see it but regular registered users on the forum can't. The way you've described it is exactly as it should work.

Using the normal vBulletin interface you should be able to "manage" the moderated thread (there are the "AJAX" functions too). Have a look in the vBulletin manual and moderation is explained in there :)



3. Is there a way to make your list catch a regex item more then once. For example: "http://" is in a message 20 times (obvious spam post) but the regex only caught the first http:// - so it only recieves 5 points. I want it to have 100 points (5x20).

I think that is all of my questions so far. This is exactly what I needed! Great Work!

Interesting one. I can see exactly why you'd want to use this one but it's not something that the software can do at the moment. I'll give it some further thought :)

Interesting one. I can see exactly why you'd want to use this one but it's not something that the software can do at the moment. I'll give it some further thought :)

Hi there, have looked into the code for a moment. Try using the preg_match_all() function to get more than one hit for a regular expression. You will get a multi-dimensional array then with all found matches :)

Hi there, have looked into the code for a moment. Try using the preg_match_all() function to get more than one hit for a regular expression. You will get a multi-dimensional array then with all found matches :)

Sure - I'd thought about that. Then multiply count($matches) with the weighting for that rule.

I'm wondering if there are any cases where you wouldn't want to consider multiple occurences of the same pattern. (i.e. have the "all" test configurable).

I am sorry I just could not understand what this hack will do.

I have some members who use my forum to promote their websites... so can this plugin detect the posts like www.sitename.com type of lines and remove them?

I am sorry I just could not understand what this hack will do.

I have some members who use my forum to promote their websites... so can this plugin detect the posts like www.sitename.com type of lines and remove them?

It's less to stop member but more to stop people who come in and register on the forum just to post advertising on there. I think some use software so that they can put similar posts on hundreds of forums.

THis hack will identify the spam posts using pattern matches then prevent regular users from seeing the posts on the forum. As a moderator or admin you will still be able to see the posts on the forum, if any of the posts are in fact geniuine posts then you can make them visible to the forum users easily using built in vBulletin moderation commands.

Too Good. I have just installed it on my forums.
Good Job :)

Jimbo - thanks for the replies. I wasn't up to speed on forum moderation, and now I see that I only saw the thread because I was logged in as the Admin. --Thank you.

Again - great work! This will be flying off the shelves as soon as everyone else starts getting hit with the bots - like me :confused:

No worries. To be honest I'm surprised that more people haven't installed it. Perhaps the configuration part of it is a bit off-putting. It'd be good if people shared rules on that they've added to their config and found effective.

Hello UK Jimbo! This is a great hack, thanks for releasing to public.

suggestions:

- add a link into the spam report email which approves the post when clicked
- add some instruction text to the created post something like telling mods that it's invis now and they need to approve it to be visible...

Thanks, hopefully this will stop some of the people that have been spamming my site. If I find more rules, I will share them.

suggestions:

- add a link into the spam report email which approves the post when clicked
- add some instruction text to the created post something like telling mods that it's invis now and they need to approve it to be visible...

Only just seen these suggestions

The first one is a great plan - I'll look into that for a fugure release.

The second one is something you could do in the templates.

Great hack. One suggestion/request though.

Could a rule be added that flags IP ranges that can be set in the admincp? So if a spammer (or any previously banned user) who posts from the same IP address keeps trying to post threads on the board under different usernames, I would be alerted to it? Blanket IP bans can affect innocent users, so I tend to avoid them. Being able to flag IP ranges with this hack would allow us to investigate every possible duplicate user on an individual basis.

Surre - I'm having to put development of this on hold for the moment but it's a good idea and will be incorporated into a future release.

Surre - I'm having to put development of this on hold for the moment but it's a good idea and will be incorporated into a future release.

Thanks!

I've just installed this plugin, and it seems to have broken my 'Post Moderation' tools. When I try to approve some posts, I get this:

Fatal error: Call to undefined function: sb_test() in g:\projects\vbulletin_test\includes\class_dm_threa dpost.php(728) : eval()'d code on line 1

Seems to me that the global_start didn't run, probably because I'm working in the admin CP. Anyway to fix this? I'm using version 1.0.0 on vB 3.5.4.

Can't replicate this one myself - can you tell me what operations you're doing from within the admincp please?

There are a few 'Unapproved Posts', so to approve them I do the following:

1. Login Admin CP
2. Moderation -> Moderate Posts
3. Validate all posts
4. Save

Then I get the error.

I've fixed the problem myself, by modifying the plugin so that it checks if the function exists, for example:


<phpcode><![CDATA[
if (function_exists('sbhits') == true) {
$GLOBALS['sbhits'] = sb_test($this);
} else {
$GLOBALS['sbhits'] = array();
}
]]></phpcode>


The plugin still seems to work, and I can use my moderation tools again. Hope this helps.

i have one problem, i wanna install SpamBuster for only 1 forum .....

can I add next line to

if ($forumid != 3 ) return false

function sb_test(&$obj,$table=null) in product-spambuster[1].1.0.0.xml?

thx

I installed it and it shows up but does not work. I enabled in the spambuster options and started a fake thread as a new user.
It still showed on the site and did not appear in the posts to be moderated when I logged back in as moderator.

I put

FREE CELL PHONES. and stuff like that in the message.

I get no errors in my forum from this. Help !

here's the code in plugin manager

if( is_array($GLOBALS['sbhits']) && $vbulletin->options['spambustermoderate'] == 1 ) {
$forceredirect = true;
$vbulletin->url = 'forumdisplay.php?' . $vbulletin->session->vars['sessionurl'] . "f=$foruminfo[forumid]";
}

This is what was uploaded in the plugins. Maybe that last line is messed up

maybe very strange question!

Does any use SpamBuster for vb 3.5.3??

I installed SB for 3.5.3 and set

Trigger level = 3
Posts scoring with a score equal to or greater than this value will be classed as spam

and tried to post some spams with a lot of http text but it did not works

My vb 3.5.5 forum still gets a lot of spams :(

I've been having a hell of a problem with spamvertisers lately, and will be using this.

Personally, I'd like to see this automatically perma-ban the spammer as well.

This seems a little tricky, but how might I add rules based on the following threads in this forum:

http://www.unitedempire.net/forum/forumdisplay.php?f=177

Gio - it looks like the links have been removed from all the posts on that forum so I can't suggest rules. Generally excluding by URL is the way to go.

Just updated the new rules :)

Just updated the new rules :)

Cool - if anyone wants to post up rules they're using onto this thread then please do.

You know the best thing for me? I stop all users from posting a URL in their first 5 posts. Kills 99% of spam.

regexp:a_url:10:any:"/http/i"
regexp:a_www_url:10:any:"/www/i"

obviously a threshold of 10 - so anyone who posts any kind of URL will need to be moderated - if they have less then 5 posts.

Jimbo - I am not very good at figuring out the templates. How can I add the name of the poster to the spam report? I have spam reports posted to a special forum. I would like to have their name available (in the title?) so I can scan the title and see the real problem posters.

Is that possible?

You know the best thing for me? I stop all users from posting a URL in their first 5 posts. Kills 99% of spam.

regexp:a_url:10:any:"/http/i"
regexp:a_www_url:10:any:"/www/i"

I'd err on the side of caution and use something like

regexp:a_url:10:any:"/http:\/\//i"
regexp:a_www_url:10:any:"/www\./i"


Jimbo - I am not very good at figuring out the templates. How can I add the name of the poster to the spam report? I have spam reports posted to a special forum. I would like to have their name available (in the title?) so I can scan the title and see the real problem posters.

Is that possible?

${spam_user} is the name of the posting user. The user's name is already in the report as part of the quote tag.

Gio - it looks like the links have been removed from all the posts on that forum so I can't suggest rules. Generally excluding by URL is the way to go.

Hmm. Okay. When I do indeedget more spamvertiser, I'll preserve the links to help with the rules.

Great plug-in, and we've just recently installed and began using it on our system. Still tweaking the rule-set, but so far it's been great.

I have run into the admincp/modcp issue as well, since as far as I can tell the postdata_presave hook is also called when moderating posts. I haven't been getting any errors, but the admincp/modcp page doesn't refresh at all after validating posts (I get a blank page), and the whole process basically just fails.

In my case, I had to add the following snippet, modified from an earlier post in this thread:


if (function_exists('sbhits') == true) {
$GLOBALS['sbhits'] = sb_test($this);
}


The $GLOBALS['sbhits'] = array() portion in the else construct didn't actually work, so I trimmed it down to what you see above, and that appears to have restored modcp/admincp functionality for me.

I've also made a small addition in my system that I thought I'd share... Generally, spammers on our forum get banned pretty quickly, but obvioiusly I don't want that to be an automated process until an Admin or Senior Moderator has had a chance to review the situation. So what I did was a template modification to add a link to the banning portion of the modcp. Basically, a "Click Here to Ban or Suspend This User" link.

The following specific modifications were made in SpamBuster Libraries under the global_start plug-in hook:

In variable definitions:

// added 21 Jun 06 by JDH to fetch userid for banning link
$spam_userid = $post->registry->userinfo['userid'];


In body of message section:

Click here to Ban or Suspend this user (http://forums.ilounge.com/modcp/banning.php?do=banuser&u=${spam_userid})


The only other issue that I've run into is the way that posts are dropped into the moderation queue after an edit of an existing post when it's the first post in the thread.

Normally, if a user posts a new thread which is tagged as spam, the entire thread is set to require moderation. However, if the user posts a valid thread, and then goes back and edits their first post, then only the post is sent to the moderation queue.

This creates a situation where normal users see a dangling thread header with no posts. Further, the in-line moderation tools don't work for approving the post, because they're looking to approve the thread. I think the post can still be approved from the ModCP, but ultimately it creates an odd situation.

Granted, this shouldn't occur too often, but it would be nice to add a check to the code following an edit to determine if the post being edited is the first in it's thread, in which case the thread should probably be set to "moderated."

I'm going to poke a bit at the code myself to see if I can't make this work, although it's not a huge priority. If I do solve it, however, I'll post my results here.

Thanks again for a great mod otherwise, though.

Thanks for the detailed feedback and suggestions. I'll factor these in for the next release.

Any update of this for 3.6.0?

I don't have a 3.6 install to test it on at the moment. If anyone would like to verify if it works or otherwise that would be great.

Thanks :)

It appears to be working in 3.6.0...though I haven't had any real-world tests (actual spammers) hit it yet.

It did catch my test posts (both new posts and replies).

If it does anything odd, I'll be sure to let you know.

Here are a few rules that I have added due to online casino bots adding them to my guest forum. I have applied them, but they don't seem to be working. Do I have to restart the plugin ever time I update the rules? Maybe I'm doing something wrong?



regexp:t_cardstud:10:title:"/online seven card stud/i"
regexp:t_888casino:10:title:"/888 Casino/i"
regexp:t_freeslots:10:title:"/free slots/i"
regexp:t_onlinepoker:10:title:"/online poker tournament/i"
regexp:t_videopoker:10:title:"/video poker/i"
regexp:t_pokerrooms:10:title:"/online poker rooms/i"
regexp:t_freeslots:10:title:"/free slots/i"
regexp:t_baccarat:10:title:"/baccarat/i"
regexp:t_online7:5:title:"/online seven card stud/i"
regexp:t_roulette:10:title:"/roulette/i"
regexp:a_888:10:any:"/888\.com/i"
regexp:a_ajcarvelli:10:any:"/ajcarvelli\.com/i"
regexp:a_7cardstud:10:any:"/seven card stud/i"
regexp:a_stud:5:any:"/stud/i"
regexp:a_baccarat:5:any:"/baccarat/i"
regexp:a_casino:5:any:"/casino/i"
regexp:a_online:5:any:"/online/i"
regexp:a_free:5:any:"/free/i"
regexp:a_slots:5:any:"/slots/i"
regexp:a_keno:5:any:"/keno/i"


-parabat

Brilliant parabat, thanks for that. I hope others will share their rules too.

How did you test these rules? The best way is to set up a new test users with 0 posts then try posting using that account.

Brilliant parabat, thanks for that. I hope others will share their rules too.

How did you test these rules? The best way is to set up a new test users with 0 posts then try posting using that account.

Thanx Jimbo
Most of the spam I get is in the public guest book forum. So unregistered users can post comments and that is usually how the bots add to the site. With all these rules in place I'm still getting them onthe site. Not sure why. Do I have to specify a spamuser in the admincp?

-parabat

Jimbo:

A really nice feature would be if it would not allow the message to be posted at all for certain rules.

I'm getting lots of pharmaspam lately - the messages are getting moderated, but I still have to go clean them up. It would be great if I could keep them from even being posted at all if they trigger the spam rules.

Got the same error as
Fatal error: Call to undefined function: sb_test() in /****/****/public_html/forums/includes/class_dm_threadpost.php(728) : eval()'d code on line 1

Are you sure the global_start plugin was enabled?

After the install, I don't see any plugin called "global_start. Can you verify this for me please.

-parabat

Does this work under 3.6?

Great Mod, thanks

The answer may be here already, but I'm pretty new to this and not seeing it. I want to add rules to my board but I can't figure out if there is a wildcard
or not I want to add a rule for sex that will be triggered as well by sex! sexy
sexual bisexual. You get the idea, how do I do that ?

Thanks

Great mod, I hope you keep up with it and keep updating it for new versions. I'm running 3.55 right now and it works just fine.

I'll be upgrading to 3.6 soon.

I received the same error as above today

Fatal error: Call to undefined function: sb_test()

However that was when I attempted to approve the post from the moderator control panel.

I was able to approve the post right from the thread though. I'm quite happy doing it that way.

Got the same error as
Fatal error: Call to undefined function: sb_test() in /****/****/public_html/forums/includes/class_dm_threadpost.php(728) : eval()'d code on line 1

Hi All. Seems like after I reinstalled the product this error dissappeared. It's working like a dream now.
Saved my hind.

Thanx :D

Is there any sort of manual that tells us how to use this thing and set up the rules? The lack of documentation is killing me here.

David.

Hi All. Seems like after I reinstalled the product this error dissappeared. It's working like a dream now.
Saved my hind.

Thanx :D

I've installed three times. No change. I get the error when moderating from the modcp. Never an error when doing inline moderation.

Steve

Ive now installed and tested on our 3.6.0 forum. Works like a charm for now. An important thing you cant remember is to make that new test user with a 0-9 postcount and test.

One issue that this misses is with users posting links like below


blah (http://www.blah.com)

I've installed three times. No change. I get the error when moderating from the modcp. Never an error when doing inline moderation.

Steve

Hi Sownman

The way I got this resolved was to uninstall the product, then I enabled moderation, then installed the product again. This resolved that error a I had moderation disabled previously and only turned it on once I had installed the product. Not sure if you had the same thing.

-Parabat

#Phones
regexp:a_sidekick:3:any:"/sidekick/i"
regexp:a_nokia:3:any:"/nokia/i"
regexp:a_ericsson:3:any:"/ericsson/i"
regexp:a_motorola:3:any:"/motorola/i"
regexp:a_nextel:3:any:"/nextel/i"
regexp:a_kyocera:3:any:"/kyocera/i"


#computers
regexp:a_dell:3:any:"/dell/i"
regexp:a_alienware:3:any:"/alienware/i"
regexp:a_apple:3:any:"/apple/i"
regexp:a_ipod:3:any:"/ipod/i"
regexp:a_toshiba:3:any:"/toshiba/i"
regexp:a_vaio:3:any:"/vaio/i"
regexp:a_ibm:3:any:"/ibm/i"
regexp:a_acer:3:any:"/acer/i"


#consoles
regexp:a_xbox:3:any:"/xbox/i"
regexp:a_playstation:3:any:"/playstation/i"
regexp:a_playstation1:3:any:"/play station/i"

Heres a few more that i get at least.

Sorry guys, I've been pretty tied up (not literally!) with my personal life for the last couple of months. I hope that I can get back to this project in the next few weeks and have a good v3.6 release with some new features.

Does this work on existing posts?

or only new posts since install?

if not, is there a way to get it to process all posts?

Does this work on existing posts?

or only new posts since install?

if not, is there a way to get it to process all posts?

It's only triggered by a user making the post. It'd require a big rewrite to make it work with old posts.

I must say this hack is great, works perfectly. Found a couple of spammers already. One thing is there anyway to not do certain forums. I have a few moderator forums that would be impossible for it post spam in. I want to be able to just to soft delete the spam posts and not have to worry about it deleting the posts in the restricted areas.

Also antoher thing that needs to be updated is the new post when making a new thread to report. I have it setup so it posts a thread in a spam report forum but i cant tell if there has been spam reported unless i go into there. Could you also update the dateline and lastposter and all that as well. I could probably modify myself and just give you the code too, which is what i will probably do once i get time.

I must say this hack is great, works perfectly. Found a couple of spammers already. One thing is there anyway to not do certain forums. I have a few moderator forums that would be impossible for it post spam in. I want to be able to just to soft delete the spam posts and not have to worry about it deleting the posts in the restricted areas.

I understand what you mean but in practise the regexp tests will only be carried out for users with a post count of > the defined threshold. There's a marginal amount of CPU involved doing that single test on their postcount.

Also antoher thing that needs to be updated is the new post when making a new thread to report. I have it setup so it posts a thread in a spam report forum but i cant tell if there has been spam reported unless i go into there. Could you also update the dateline and lastposter and all that as well. I could probably modify myself and just give you the code too, which is what i will probably do once i get time.

That would definitely be nice to have. If you get round to writing the code then please let me know, if not it's something I'll end up writing myself.

Will this work on 3.6?

Added a few rules:
#pills
regexp:a_meds:10:any:"/meds/i"
regexp:a_pharmacy:10:any:"/pharmacy/i"
regexp:a_clickhere:5:any:"/click here/i"

Just had a porn spammmer that got caught. The curious thing was that spambuster didn't count the links in the post although there were 3 images linked to urls & 2 text link urls in their post. But here's all it caught:
Rules matched: t_free=5,a_free=5
Total score: 10

Any guess on why it didn't count the urls? I confirmed that the url check is still installed. My full rule list:
## SpamBuster config file
# tests are in the format:
# type:name:score:section:expression

## Title tests
# title starts with free
regexp:t_free:5:title:"/^free/i"
# title starts with free and ends in an exclaimation mark
regexp:t_freebang:5:title:"/^free.*!$/i"
# title ends with three exclamation marks
regexp:t_3bangs:5:title:"/.*!!!$/i"

## Tests title and body
# contains a price in dollars
regexp:a_dollar:5:any:"/\$[\d\.]+/"
# lists a % discount offer
regexp:a_percent:5:any:"/\d+%/i"
# contains a URL
regexp:a_url:3:any:"/http:\/\//"
# contins the word free anywhere
# regexp:a_free:5:any:"/free/i"
# contins the word fedex anywhere
regexp:a_fedex:5:any:"/fedex/i"

## Known spam sites
regexp:a_dotdeals:10:any:"/dotdeals\.com/i"
regexp:a_ekmas:10:any:"/ekmas\.com/i"
regexp:a_qckjmp:10:any:"/c\.qckjmp\.com/i"
regexp:a_websponsors:10:any:"/\.websponsors\.com/i"
regexp:a_wonderyears:10:any:"/\.wonderyears\.com/i"
regexp:a_lynxtrack:10:any:"/\.lynxtrack\.com/i"
regexp:a_getodp:10:any:"/\.getodp\.com/i"
regexp:a_actualdeals:10:any:"/\.actualdeals\.com/i"
regexp:a_pdv001:10:any:"/\.pdv001\.com/i"
regexp:a_eajmp:10:any:"/\.eajmp\.com/i"
regexp:a_aftrk.com:10:any:"/\.aftrk\.com/i"
regexp:a_lps999.com:10:any:"/\.lps999\.com/i"
regexp:a_e2save.com:10:any:"/\.e2save\.com/i"
regexp:a_qksrv.net:10:any:"/\.qksrv\.net/i"
regexp:a_dse500.com:10:any:"/\.dse500\.com/i"
regexp:a_bag1881.com:10:any:"/\.bag1881\.com/i"
regexp:a_esrmtech.com:10:any:"/\.esrmtech\.com/i"
regexp:a_jokescratchcards:10:any:"/jokescratchcards/i"
regexp:a_83332:10:any:"/83332/i"
regexp:a_eaziit:10:any:"/eazi\.it/i"
regexp:a_bravehost:10:any:"/bravehost\.com/i"
regexp:a_dailyunique:10:any:"/dailyunique\.com/i"
regexp:a_en+++++:10:any:"/en+++++\.com/i"
regexp:a_putzamare2004:10:any:"/putzamare2004/i"
regexp:a_cpsasales:10:any:"/cpsasales\.co\.uk/i"
regexp:a_madhouse21:10:any:"/madhouse21/i"
regexp:a_raelian:10:any:"/rael\.org/i"
regexp:a_speedflip:10:any:"/speedflip\.com/i"
regexp:a_fredphones:10:any:"/fredphones/i"
regexp:a_watchgem:10:any:"/watchgem\.com/i"
regexp:a_250free:10:any:"/250free\.com/i"
regexp:a_bagluxury:10:any:"/bagluxury\.com/i"
regexp:a_greatnow:10:any:"/greatnow\.com/i"
regexp:a_ampd:10:any:"/ampd\.com/i"
regexp:a_remster5:10:any:"/remster5/i"
regexp:a_tipcell:10:any:"/tipcell\.com/i"
regexp:a_hotxxxstuff:10:any:"/hotxxxstuff\.com/i"
regexp:a_pochrist:10:any:"/thepassionofthechrist/i"
regexp:t_feelsad:10:title:"/This picture may make some of you feel sad/i"
regexp:a_winme:10:any:"/win-me\.biz/i"
regexp:a_pharmacy1010:10:any:"/pharmacy1010\.com/i"
regexp:a_picfury:10:any:"/picfury\.com/i"
regexp:a_mightybody:10:any:"/mightybody\.com/i"
regexp:a_winantispyware:10:any:"/winantispyware\.com/i"
regexp:a_systemdoctor:10:any:"/systemdoctor\.com/i"
regexp:a_rogalik:10:any:"/rogalik\.net/i"
regexp:a_aapurse:10:any:"/aapurse\.com/i"
regexp:a_freepay:10:any:"/freepay\.com/i"

##Casino
regexp:t_cardstud:10:title:"/online seven card stud/i"
regexp:t_888casino:10:title:"/888 Casino/i"
regexp:t_freeslots:10:title:"/free slots/i"
regexp:t_onlinepoker:10:title:"/online poker tournament/i"
regexp:t_videopoker:10:title:"/video poker/i"
regexp:t_pokerrooms:10:title:"/online poker rooms/i"
regexp:t_freeslots:10:title:"/free slots/i"
regexp:t_baccarat:10:title:"/baccarat/i"
regexp:t_online7:5:title:"/online seven card stud/i"
regexp:t_roulette:10:title:"/roulette/i"
regexp:a_888:10:any:"/888\.com/i"
regexp:a_ajcarvelli:10:any:"/ajcarvelli\.com/i"
regexp:a_7cardstud:10:any:"/seven card stud/i"
regexp:a_stud:5:any:"/stud/i"
regexp:a_baccarat:5:any:"/baccarat/i"
regexp:a_casino:5:any:"/casino/i"
regexp:a_online:5:any:"/online/i"
regexp:a_free:5:any:"/free/i"
regexp:a_slots:5:any:"/slots/i"
regexp:a_keno:5:any:"/keno/i"

#Phones
regexp:a_sidekick:3:any:"/sidekick/i"
regexp:a_nokia:3:any:"/nokia/i"
regexp:a_ericsson:3:any:"/ericsson/i"
regexp:a_motorola:3:any:"/motorola/i"
regexp:a_nextel:3:any:"/nextel/i"
regexp:a_kyocera:3:any:"/kyocera/i"

#computers
regexp:a_dell:3:any:"/dell/i"
regexp:a_alienware:3:any:"/alienware/i"
regexp:a_apple:3:any:"/apple/i"
regexp:a_ipod:3:any:"/ipod/i"
regexp:a_toshiba:3:any:"/toshiba/i"
regexp:a_vaio:3:any:"/vaio/i"
regexp:a_ibm:3:any:"/ibm/i"
regexp:a_acer:3:any:"/acer/i"

#consoles
regexp:a_xbox:3:any:"/xbox/i"
regexp:a_playstation:3:any:"/playstation/i"
regexp:a_playstation1:3:any:"/play station/i"

#pills
regexp:a_meds:10:any:"/meds/i"
regexp:a_pharmacy:10:any:"/pharmacy/i"
regexp:a_clickhere:5:any:"/click here/i"


Thanks for the nice mod, Ross

Awesome mod. Thanks.

I'm running 3.6.0 and it does not work. Fails with the error others have posted:

Fatal error: Call to undefined function: sb_test() in /home/morcmtb/public_html/forums/includes/class_dm_threadpost.php(1549) : eval()'d code on line 2

This happens immediately when I try post a message using a test user.

This would be really nice if someone could find out why this happens.

So far all I have seen are people re-installing it or disabling then re-installing it. That did not work for me. Someone mentioned turning on moderation - not sure what they meant by that, we have some forums that have leaders, some do not - I have 4 users that are moderators in general.

I'd be careful of this until someone confirms why this is happening. UNINSTALLING

This looks really interesting .. Has anyone had any issues with it deleting legit posts by members?

This looks really interesting .. Has anyone had any issues with it deleting legit posts by members?
it doesnt delete, it puts the post under moderation. Then you can make it post a new post in some forum that way you can check to see oh well this is under moderation. And then accept the post if it should be valid.

This modication is nice, installed on 3.6.1 and working great. Thank you UK Jimbo for this.
I have set spam buster to post a thread upon spam detection, it does post when spam is detected but forum counter not getting updated, may be a bug or something. I understand this is not meant for use on 3.6.1 but it helps me thank you. Any help in this direction would be nice thank you.

I've fixed the problem myself, by modifying the plugin so that it checks if the function exists, for example:


<phpcode><![CDATA[
if (function_exists('sbhits') == true) {
$GLOBALS['sbhits'] = sb_test($this);
} else {
$GLOBALS['sbhits'] = array();
}
]]></phpcode>


The plugin still seems to work, and I can use my moderation tools again. Hope this helps.

Where exactly did you put this bit of code? I still have the sb_test error and really want to use this hack.

It seems that something has been missed in this hack to watch for potential conflicts or other...?

how do you search for something but have an exception.

I want to be able to search for urls but exclude the urls within the forums.

Example:

It finds www.somespamsite.com and because it has www. it marks it as spam.

But how can you change it so if say someone does www.yourforumaddress.com/thread.... so if it has yourforumaddress in there it will just ignore it.

finally got around to working on this, this should update the latest posts and counters in the forum you dump the spam reports in.

// creates a thread - should uses phrases perhaps
function sb_post_thread(&$post,&$hits,$table=null) {

require_once('./global.php');
require_once('./includes/class_dm.php');
require_once('./includes/class_dm_threadpost.php');
global $vbulletin;

//$threaddm = new vB_DataManager_Thread_FirstPost($GLOBALS['vbulletin'], ERRTYPE_STANDARD);
$threaddm =& datamanager_init('Thread_FirstPost', $vbulletin, ERRTYPE_ARRAY, 'threadpost');

$title = 'SpamBuster report';

if( $spam_threadtitle = $post->fetch_field('title',$table) ) {
$title .= ": $spam_threadtitle";
}

// to keep things tidy
$spam_user = $post->registry->userinfo['username'];
$spam_post = $post->fetch_field('pagetext',$table);
$spam_postid = $post->fetch_field($post->table == 'post' ? 'postid' : 'firstpostid');
$spam_url = $post->registry->options['bburl'] .'/showthread.php?p='. $spam_postid;
foreach($hits as $k => $v) {
if($k == 'total') {
$spam_hit_total = $v;
} else {
$spam_hits[] = "$k=$v";
}
}
$spam_hit_text = implode(',', $spam_hits);

$pagetext = <<<EOT
This is an automatic post from SpamBuster. The following spam post has been detected:

${spam_post}

To view this post please visit:
${spam_url}

Rules matched: ${spam_hit_text}
Total score: ${spam_hit_total}
EOT;


$foruminfo['forumid'] = $post->registry->options['spambusterforumid'];
$foruminfo = fetch_foruminfo($foruminfo['forumid']);
$threadinfo = array();


$forumid = $foruminfo['forumid'];
$byusername = $post->registry->options['spambusterusername'];
$postuserid = $post->registry->options['spambusteruser'];
$userid = $post->registry->options['spambusteruser'];
$allowsmilie = '1';
$visible = '1';


$threaddm->setr('forumid', $forumid);
$threaddm->setr('userid', $userid);
$threaddm->setr('pagetext', $pagetext);
$threaddm->setr('title', $title);

$threaddm->set('allowsmilie', $allowsmilie);
$threaddm->set('visible', $visible);
$threaddm->set_info('forum', $foruminfo);

$threaddm->pre_save();
if(count($threaddm->errors) < 1)
{
$threadid = $threaddm->save();
unset($threaddm);
build_thread_counters($threaddm);
}

build_forum_counters($foruminfo['forumid']);



}


if you want to update this, go to the Plugin Manager
Scroll down to Hook Location : global_start
and find SpamBuster Libraries SpamBuster

Edit that, replace the very last function with this one. function sb_post_thread is what you will need to replace.

I'm trying to add a rule for sex and using one that currently works:

#Phones
regexp:a_sidekick:3:any:"/sidekick/i"

I've tried pasting all sorts of variations of this and none catch as spam and place it in the spam forum directory.

Here's my tests:

#Sex
regexp:a_badword:10:any:"/.com/i"
regexp:a_badword:10:any:"/i"
regexp:a_badword:10:any:"//i"

none of these work. any help would be appreciated.

Fatal error: Call to undefined function: sb_test() in /public_html/forums/includes/class_dm_threadpost.php(728) : eval()'d code on line 1

vb 3.54
I believe it's related to this mod. If I attempt to moderate the posts in the admin cp - ignore/delete work. If I "validate" it throws that error above. Yet - if I look at the post - it's then live on the forum. It still remains in the admin cp though showing it's under moderation - yet it's live on the site working.

Someone else mentioned moderating from the thread itself, but not in the admin cp - Can anyone explain how this works, or how you do it?
- lost

anyone on this?

I get an error if I try to run this rss feed with this hack as well.

https://vborg.vbsupport.ru/showthread.php?t=94510

any programming help here would be great.

Hi UK Jimbo - do you have any idea on when you'll have a vb3.6.x version available?

I'm not php programmer - so I can't really diagnose the issue, but it seems to be with this mod from looking online. No one has a solution for this?

I want to turn it back on - it caught a ton of spam, but it's throwing the same - sb_test error if I have it and the rss feed running. ANY help would be nice

Am I here?

I've just installed this plugin, and it seems to have broken my 'Post Moderation' tools. When I try to approve some posts, I get this:



Seems to me that the global_start didn't run, probably because I'm working in the admin CP. Anyway to fix this? I'm using version 1.0.0 on vB 3.5.4.


then below it a few posts you had this :
https://vborg.vbsupport.ru/showpost.php?p=1004003&postcount=74

I'm not getting any help in this thread, and I'm not sure where you placed that code. I'm getting the same error that you posted and it looks as though you've fixed it on your site?

I get that error if I try to validate in the admincp, AND I get almost the same error if I try to run the RSS posting hack. It throws an SB_Test error which I mentioned on page 9 of that thread about spambuster.

Any help would be great.

am I just on ignore? I've bumped the post like 4 times now, PMed a few members for answers, nothing.

I've verified globals is on, I have no other mods on the site besides google sitemap, miserable users, iTrader, welcome headers, and vbadvaced. I'm not a retard when it comes to this and I've read every post in the stupid thread 4300 times. I'm not the other users who read 1 post and then ask how to do something. That's why my post count is so low. I read and figure it out - but with this I cannot I'm afraid.

I don't know how to fix the error with the admin area - validating messages without it throwing an error, or getting the rss feeds to post without it throwing the same sb_test error.

All of my other mods work fine without spambuster. Rss works fine without spambuster. I turn spambuster on - it errors.

I'd appreciate not being ignored - and even verified that' I'm alive.
:ermm:

am I just on ignore? I've bumped the post like 4 times now, PMed a few members for answers, nothing.

I've verified globals is on, I have no other mods on the site besides google sitemap, miserable users, iTrader, welcome headers, and vbadvaced. I'm not a retard when it comes to this and I've read every post in the stupid thread 4300 times. I'm not the other users who read 1 post and then ask how to do something. That's why my post count is so low. I read and figure it out - but with this I cannot I'm afraid.

I don't know how to fix the error with the admin area - validating messages without it throwing an error, or getting the rss feeds to post without it throwing the same sb_test error.

All of my other mods work fine without spambuster. Rss works fine without spambuster. I turn spambuster on - it errors.

I'd appreciate not being ignored - and even verified that' I'm alive.
:ermm:
first this product is not supported, you can use if you want but you dont have two.

Second the same thing happens for me. Basically on that line its calling

($hook = vBulletinHook::fetch_hook('postdata_presave')) ? eval($hook) : false;

There is a function in that hook from spambuster. Basically spambuster does this
$GLOBALS['sbhits'] = sb_test($this);

So when you call on that hook its not only going to do its thing and what not but its going to call on the function sb_test. But sb_test doesnt exist in class_dm_threadpost.php. To fix this i just did a check to see if i am in admin or modcp

Go to Plugin Manager, find Hook Location : postdata_presave

Then click SpamBuster: Normal posts check

Change $GLOBALS['sbhits'] = sb_test($this);


if ((strstr($_SERVER['REQUEST_URI'],'admincp') !== FALSE) && (strstr($_SERVER['REQUEST_URI'],'modcp') !== FALSE))
{
$GLOBALS['sbhits'] = sb_test($this);
}

Worked for me, should work for you.

I'm trying to add a rule for sex and using one that currently works:

#Phones
regexp:a_sidekick:3:any:"/sidekick/i"

I've tried pasting all sorts of variations of this and none catch as spam and place it in the spam forum directory.

Here's my tests:

#Sex
regexp:a_badword:10:any:"/.com/i"
regexp:a_badword:10:any:"/i"
regexp:a_badword:10:any:"//i"


none of these work. any help would be appreciated.

first you need to make a variable for each regex.

## SpamBuster config file
# tests are in the format:
# type:name:score:section:expression

## Title tests
# title starts with free
regexp:t_free:3:title:"/^free/i"
# title starts with free and ends in an exclaimation mark
regexp:t_freebang:3:title:"/^free.*!$/i"
# title ends with three exclamation marks
regexp:t_3bangs:3:title:"/.*!!!$/i"

## Tests title and body
# contains a price in dollars
regexp:a_dollar:5:any:"/\$[\d\.]+/"
# lists a % discount offer
regexp:a_percent:3:any:"/\d+%/i"


#anything related to sex
regexp:a_viagra:3:any:"/viagra/i"
regexp:a_penis:3:any:"/penis/i"
regexp:a_erect:3:any:"/erect/i"
regexp:a_pussy:3:any:"/pussy/i"
regexp:a_barn:3:any:"/barn/i"
regexp:a_zoo:3:any:"/zoo/i"
regexp:a_porn:3:any:"/porn/i"
regexp:a_sex:3:any:"/sex/i"

#other things
regexp:a_drug:3:any:"/drug/i"
regexp:a_fedex:5:any:"/fedex/i"
regexp:a_dhl:5:any:"/dhl/i"
regexp:a_ups:5:any:"/ups/i"


#any link
regexp:a_url:10:any:"/http:\/\//i"
regexp:a_www_url:10:any:"/www\./i"
regexp:a_url2:10:any:"/[^="]http|ftp|gopher[^ \n\r]+(?=[\s\.,])/i"

#Phones
regexp:a_sidekick:3:any:"/sidekick/i"
regexp:a_nokia:3:any:"/nokia/i"
regexp:a_ericsson:3:any:"/ericsson/i"
regexp:a_motorola:3:any:"/motorola/i"
regexp:a_nextel:3:any:"/nextel/i"
regexp:a_kyocera:3:any:"/kyocera/i"


#computers
regexp:a_laptop:3:any:"/laptop/i"
regexp:a_dell:3:any:"/dell/i"
regexp:a_alienware:3:any:"/alienware/i"
regexp:a_apple:3:any:"/apple/i"
regexp:a_ipod:3:any:"/ipod/i"
regexp:a_toshiba:3:any:"/toshiba/i"
regexp:a_vaio:3:any:"/vaio/i"
regexp:a_ibm:3:any:"/ibm/i"
regexp:a_acer:3:any:"/acer/i"

#pills
regexp:a_meds:5:any:"/meds/i"
regexp:a_pharmacy:5:any:"/pharmacy/i"
regexp:a_clickhere:5:any:"/click here/i"

#consoles
regexp:a_xbox:3:any:"/xbox/i"
regexp:a_playstation:3:any:"/playstation/i"
regexp:a_playstation1:3:any:"/play station/i"

#Casino spam
regexp:t_cardstud:3:title:"/online seven card stud/i"
regexp:t_888casino:3:title:"/888 Casino/i"
regexp:t_freeslots:3:title:"/free slots/i"
regexp:t_onlinepoker:3:title:"/online poker tournament/i"
regexp:t_videopoker:3:title:"/video poker/i"
regexp:t_pokerrooms:3:title:"/online poker rooms/i"
regexp:t_freeslots:3:title:"/free slots/i"
regexp:t_baccarat:3:title:"/baccarat/i"
regexp:t_online7:3:title:"/online seven card stud/i"
regexp:t_roulette:3:title:"/roulette/i"
regexp:a_888:3:any:"/888\.com/i"
regexp:a_ajcarvelli:3:any:"/ajcarvelli\.com/i"
regexp:a_7cardstud:3:any:"/seven card stud/i"
regexp:a_stud:3:any:"/stud/i"
regexp:a_baccarat:5:any:"/baccarat/i"
regexp:a_casino:3:any:"/casino/i"
regexp:a_online:3:any:"/online/i"
regexp:a_free:3:any:"/free/i"
regexp:a_slots:3:any:"/slots/i"
regexp:a_keno:3:any:"/keno/i"

## Known spam sites
regexp:a_dotdeals:10:any:"/dotdeals\.com/i"
regexp:a_ekmas:10:any:"/ekmas\.com/i"
regexp:a_qckjmp:10:any:"/c\.qckjmp\.com/i"
regexp:a_websponsors:10:any:"/\.websponsors\.com/i"
regexp:a_wonderyears:10:any:"/\.wonderyears\.com/i"
regexp:a_lynxtrack:10:any:"/\.lynxtrack\.com/i"
regexp:a_getodp:10:any:"/\.getodp\.com/i"
regexp:a_actualdeals:10:any:"/\.actualdeals\.com/i"
regexp:a_pdv001:10:any:"/\.pdv001\.com/i"
regexp:a_eajmp:10:any:"/\.eajmp\.com/i"
regexp:a_aftrk.com:10:any:"/\.aftrk\.com/i"
regexp:a_lps999.com:10:any:"/\.lps999\.com/i"
regexp:a_e2save.com:10:any:"/\.e2save\.com/i"
regexp:a_qksrv.net:10:any:"/\.qksrv\.net/i"
regexp:a_dse500.com:10:any:"/\.dse500\.com/i"
regexp:a_bag1881.com:10:any:"/\.bag1881\.com/i"
regexp:a_esrmtech.com:10:any:"/\.esrmtech\.com/i"
regexp:a_jokescratchcards:10:any:"/jokescratchcards/i"
regexp:a_83332:10:any:"/83332/i"
regexp:a_eaziit:10:any:"/eazi\.it/i"
regexp:a_bravehost:10:any:"/bravehost\.com/i"
regexp:a_dailyunique:10:any:"/dailyunique\.com/i"
regexp:a_en+++++:10:any:"/en+++++\.com/i"
regexp:a_putzamare2004:10:any:"/putzamare2004/i"
regexp:a_cpsasales:10:any:"/cpsasales\.co\.uk/i"
regexp:a_madhouse21:10:any:"/madhouse21/i"
regexp:a_raelian:10:any:"/rael\.org/i"
regexp:a_speedflip:10:any:"/speedflip\.com/i"
regexp:a_fredphones:10:any:"/fredphones/i"
regexp:a_watchgem:10:any:"/watchgem\.com/i"
regexp:a_250free:10:any:"/250free\.com/i"
regexp:a_bagluxury:10:any:"/bagluxury\.com/i"
regexp:a_greatnow:10:any:"/greatnow\.com/i"
regexp:a_ampd:10:any:"/ampd\.com/i"
regexp:a_remster5:10:any:"/remster5/i"
regexp:a_tipcell:10:any:"/tipcell\.com/i"
regexp:a_hotxxxstuff:10:any:"/hotxxxstuff\.com/i"
regexp:a_pochrist:10:any:"/thepassionofthechrist/i"
regexp:t_feelsad:10:title:"/This picture may make some of you feel sad/i"
regexp:a_winme:10:any:"/win-me\.biz/i"
regexp:a_pharmacy1010:10:any:"/pharmacy1010\.com/i"
regexp:a_picfury:10:any:"/picfury\.com/i"
regexp:a_mightybody:10:any:"/mightybody\.com/i"
regexp:a_winantispyware:10:any:"/winantispyware\.com/i"
regexp:a_systemdoctor:10:any:"/systemdoctor\.com/i"
regexp:a_rogalik:10:any:"/rogalik\.net/i"
regexp:a_aapurse:10:any:"/aapurse\.com/i"
regexp:a_freepay:10:any:"/freepay\.com/i"

# Other string based stuff
regexp:a_pochrist:10:any:"/thepassionofthechrist/i"
regexp:t_feelsad:10:title:"/This picture may make some of you feel sad/i"

regexp:a_email:10:any:"/\b[A-Z0-9._%-]+@[A-Z0-9.-]+\.[A-Z]{2,4}\b/i"


note i have

regexp:a_url:10:any:"/http:\/\//i"
regexp:a_www_url:10:any:"/www\./i"
regexp:a_url2:10:any:"/[^="]http|ftp|gopher[^ \n\r]+(?=[\s\.,])/i"


for some reason the first one would not work but my second one does. Looks complicated but basically it trys to find http ftp or gopher. you can also do something like

regexp:a_url2:10:any:"/[^="]http|ftp|gopher|com|www[^ \n\r]+(?=[\s\.,])/i"
but note on the www. its /www\./i, btw the i is to ignore case. So it basically converts it to lowercase and then checks. But its /www\./ because of the period. otherwise you could do /www/i which will find that exact value unless you have a unique character like a period then you have to do something like shown above.

then below it a few posts you had this :
https://vborg.vbsupport.ru/showpost.php?p=1004003&postcount=74

I'm not getting any help in this thread, and I'm not sure where you placed that code. I'm getting the same error that you posted and it looks as though you've fixed it on your site?

I get that error if I try to validate in the admincp, AND I get almost the same error if I try to run the RSS posting hack. It throws an SB_Test error which I mentioned on page 9 of that thread about spambuster.

Any help would be great.
BTW you can also do whats on post 74, same area where i said above.

Quick note that it worked for me for anyone else looking to solve this problem, it beats installing, uninstalling, disabling, etc. Thanks for that!


Go to Plugin Manager, find Hook Location : postdata_presave

Then click SpamBuster: Normal posts check

Change $GLOBALS['sbhits'] = sb_test($this);


if ((strstr($_SERVER['REQUEST_URI'],'admincp') !== FALSE) && (strstr($_SERVER['REQUEST_URI'],'modcp') !== FALSE))
{
$GLOBALS['sbhits'] = sb_test($this);
}

Worked for me, should work for you.

Quick thanks and an atta-boy for this hack. I have been customizing the text file for the past day or two. It is currently 99% accurate at spotting spam and has cut down the reported posts (the main goal) 90% on the first day. Our users never see the spam, our moderators can handle it easier, a true win\win for everybody... except the spammers.

I have upgraded to 3.6.4 - thought it was working ok, but apparently it only works for thread replies. If a new post is made, it is not checked, but reply to any post, and the post will be flagged correctly.

Does anyone know how I can fix this?

Great Mod thanks. stopped 10 spam the 1st 24 hours. can it be changed alittle? I would like to autoban the user and delete tread or post at the same time

can that be an option you can enable?

or have the moderate icon clickable, so when you click on it will delete the tread and ban the user

Also can this be used on PM's I have a few spam bots some and start sending spam via PM too

I saw this in use on a few other sites. nice work.

Here is our updated spambuster rules. We are at about 90% effective right now. The ones getting by are typically rare single domain posts. Since we have people posting Hijack This log files, those occasionally get caught, but we are very happy with this latest file.

Our work on this updated text is 3 months and 282 replies from our moderators perfecting it! It uses a LOT of known spamming domains, so if your website allows a ton of html links, this wont work very well for you, but you can edit it yourself.

A good bit of re-write and time has gone into it, I hope it helps you as much as it has us.

Comments and suggestions welcome.

I've installed this hack, but as a result, it has broken my Moderate Posts function. If it catches a false positive, I have to disable the product, approve the post, then re-enable it.

I have upgraded to 3.6.4 - thought it was working ok, but apparently it only works for thread replies. If a new post is made, it is not checked, but reply to any post, and the post will be flagged correctly.

Does anyone know how I can fix this?

I'm also having this problem. It did work OK, but doesn't seem to now.

any way to get this mod for 3.6.5 ?

yes please could this be ported to the latest release as it was great in 3.5 but now the spam is creeping back :(

I really need this for the latest 3.6.x

Does anyone know what I can do to get it to function properly? I am averaging 3-5 daily that I have to manually fix.

Hi,
I just installed this hack, but it doesn't seem to be working? At least I can't seem to get it to do anything.

it's installed, it appears to be enabled, but not catching anything or posting in the forum I wanted it too.

I created a new testuser, and created a new post with the subject
BIG MONEY

and then the only thing I put in the post was a URL

http:www.bigmoneyscam.com

and it let it threw?

What am I doing wrong?

here is the config file I'm using## SpamBuster config file
# re-written by MajorGeeks.Com
# tests are in the format:
# type:name:score:section:expression

########################################
## Website root domains - commonly used and overseas domains. Dot info is the worst.
########################################
regexp:a_dotae:10:any:"/\.ae/i"
regexp:a_dotbiz:10:any:"/\.biz/i"
regexp:a_dotcc:10:any:"/\.cc/i"
regexp:a_dotcn:10:any:"/\.cn/i"
regexp:a_dotde:10:any:"/\.de/i"
regexp:a_dotedu:10:any:"/\.edu/i"
regexp:a_dotfm:10:any:"/\.fm/i"
regexp:a_dothungary:10:any:"/\.hu/i"
regexp:a_dotindia:10:any:"/\.in/i"
regexp:a_dotis:10:any:"/\.is/i"
regexp:a_dotinfo:10:any:"/\.info/i"
regexp:a_dotjapan:10:any:"/\.jp/i"
regexp:a_dotkorea:10:any:"/\.kr/i"
regexp:a_dotkorea:10:any:"/\.ky/i"
regexp:a_dotla:10:any:"/\.la/i"
regexp:a_dotly:10:any:"/\.ly/i"
regexp:a_dotnet:9:any:"/\.net/i"
regexp:a_dotno:10:any:"/\.no/i"
regexp:a_dotorg:5:any:"/\.org/i"
regexp:a_dotpoland:10:any:"/\.pl/i"
regexp:a_dotrussia:10:any:"/\.ru/i"
regexp:a_dottw:10:any:"/\.tw/i"
regexp:a_dotus:10:any:"/\.us/i"

########################################
## Website specific domains - mainly dot com, us and cc
########################################
regexp:a_0catch:10:any:"/0catch\.com/i"
regexp:a_0rz:10:any:"/0rz\.com/i"
regexp:a_3-hosting:10:any:"/3-hosting\.net/i"
regexp:a_32url:10:any:"/32url\.com/i"
regexp:a_150m:10:any:"/150m\.com/i"
regexp:a_250x:10:any:"/250x\.com/i"
regexp:a_888:10:any:"/888\.com/i"
regexp:a_9999mb:10:any:"/9999mb\.com/i"
regexp:a_adultfriendfinder:10:any:"/adultfriendfinder\.com/i"
regexp:a_ajcarvelli:10:any:"/ajcarvelli\.com/i"
regexp:a_alldating:10:any:"/alldating\.org/i"
regexp:a_asphost4free:10:any:"/asphost4free\.com/i"
regexp:a_hometownaol:10:any:"/hometown.aol\.com/i"
regexp:a_asapdeal:10:any:"/asapdeals\.com/i"
regexp:a_hometownaol:10:any:"/hometown.aol\.de/i"
regexp:a_bigsearcher:10:any:"/bigsearcher\.net/i"
regexp:a_blogdangit:10:any:"/blogdangit\.com/i"
regexp:a_bloggingmylife:10:any:"/bloggingmylife\.com/i"
regexp:a_blogspot:10:any:"/blogspot\.com/i"
regexp:a_bravehost:10:any:"/bravehost\.com/i"
regexp:a_chueca:10:any:"/chueca\.com/i"
regexp:a_cjb:10:any:"/cjb\.net/i"
regexp:a_clasificalia:10:any:"/clasificalia\.com/i"
regexp:a_createblog:10:any:"/createblog\.us/i"
regexp:a_draftblank:10:any:"/draftblank\.org/i"
regexp:a_dreaminder:10:any:"/dreaminder\.com/i"
regexp:a_drivecleaner:10:any:"/drivecleaner\.com/i"
regexp:a_duobackshopping:10:any:"/duobackshopping\.com/i"
regexp:a_forex:10:any:"/forex\.com/i"
regexp:a_etradeoil:10:any:"/etradeoil\.com/i"
regexp:a_find4uorg:10:any:"/find4u\.org/i"
regexp:a_free3xmovies:10:any:"/free3xmovies\.com/i"
regexp:a_freehostia:10:any:"/freehostia\.com/i"
regexp:a_freelotto:10:any:"/freelotto\.com/i"
regexp:a_freewebs:10:any:"/freewebs\.com/i"
regexp:a_forumophilia:10:any:"/forumophilia\.com/i"
regexp:a_genterist:10:any:"/genterist\.net/i"
regexp:a_geocities:5:any:"/geocities\.com/i"
regexp:a_gowinworld:10:any:"/gowinworld\.com/i"
regexp:a_happyhost:10:any:"/happyhost\.org/i"
regexp:a_hi5:10:any:"/hi5\.com/i"
regexp:a_highcareer:10:any:"/highcareer\.com/i"
regexp:a_hometownaol:4:any:"/hometown.aol\.com/i"
regexp:a_hyip:10:any:"/hyip\.com/i"
regexp:a_jeeee:10:any:"/jeeee\.net/i"
regexp:a_jobyour:10:any:"/jobyour\.com/i"
regexp:a_juststolen:10:any:"/juststolen\.net/i"
regexp:a_kicks-ass:10:any:"/kicks-ass\.org/i"
regexp:a_kuznetsova:10:any:"/kuznetsova\.net/i"
regexp:a_kokoom:10:any:"/kokoom\.com/i"
regexp:a_lipitor:10:any:"/lipitor\.com/i"
regexp:a_maplestorywiki:10:any:"/maplestorywiki\.com/i"
regexp:a_maple-story-hacks:10:any:"/maple-story-hacks\.com/i"
regexp:a_mbporno:10:any:"/mbporno\.net/i"
regexp:a_mediapost:10:any:"/mediapost\.net/i"
regexp:a_metamark:10:any:"/metamark\.net/i"
regexp:a_mobilitydrive:10:any:"/mobilitydrive\.com/i"
regexp:a_mp3sonido:10:any:"/mp3sonido\.com/i"
regexp:a_myspace:8:any:"/myspace\.com/i"
regexp:a_mytrickster:10:any:"/mytrickster\.net/i"
regexp:a_myworldresults:10:any:"/myworldresults\.com/i"
regexp:a_n00bie:10:any:"/n00bie\.net/i"
regexp:a_notlong:10:any:"/notlong\.com/i"
regexp:a_online-games-hacks:10:any:"/online-games-hacks\.com/i"
regexp:a_orgfree:10:any:"/orgfree\.com/i"
regexp:a_pharmacyforlife:10:any:"/pharmacyforlife\.com/i"
regexp:a_pilul:10:any:"/pilul\.org/i"
regexp:a_photobucket:5:any:"/photobucket\.com/i"
regexp:a_private-e-gold:10:any:"/private-e-gold\.com/i"
regexp:a_prohosting:8:any:"/prohosting\.com/i"
regexp:a_queroumforum:10:any:"/queroumforum\.com/i"
regexp:a_quickfreehost:10:any:"/quickfreehost\.com/i"
regexp:a_RhinoBrands:10:any:"/RhinoBrands\.com/i"
regexp:a_Security-Scanner:10:any:"/Security-Scanner\.net/i"
regexp:a_semaorg:10:any:"/sema\.org/i"
regexp:a_seo-promotion:10:any:"/seo-promotion\.org/i"
regexp:a_sexplaycam:10:any:"/sexplaycam\.com/i"
regexp:a_shorlcom:8:any:"/shorl\.com/i"
regexp:a_shorturl:8:any:"/shorturl\.com/i"
regexp:a_shortenurl:8:any:"/shortenurl\.com/i"
regexp:a_shove-it:10:any:"/shove-it\.com/i"
regexp:a_shrinkurl:8:any:"/shrinkurl\.us/i"
regexp:a_shurl:8:any:"/shurl\.com/i"
regexp:a_sitepalace:10:any:"/sitepalace\.com/i"
regexp:a_snipurl:8:any:"/snipurl\.com/i"
regexp:a_sphosting:10:any:"/sphosting\.com/i"
regexp:a_sponsor123:10:any:"/sponsor123\.org/i"
regexp:a_topgamesites:10:any:"/topgamesites\.net/i"
regexp:a_tripod:9:any:"/tripod\.com/i"
regexp:a_turkage:10:any:"/turkage\.com/i"
regexp:a_t35:10:any:"/t35\.com/i"
regexp:a_templatemonster:10:any:"/templatemonster\.com/i"
regexp:a_theblogaddict:10:any:"/theblogaddict\.com/i"
regexp:a_theonlyprofit:10:any:"/theonlyprofit\.com/i"
regexp:a_thewarcenter:10:any:"/thewarcenter\.com/i"
regexp:a_thewongfamily:10:any:"/thewongfamily\.com/i"
regexp:a_tiny.cc:10:any:"/tiny\.cc/i"
regexp:a_tiny2go:10:any:"/tiny2go\.com/i"
regexp:a_tinyurl:10:any:"/tinyurl\.com/i"
regexp:a_TopgoldExchange:10:any:"/TopgoldExchange\.com/i"
regexp:a_toppornclips:10:any:"/toppornclips\.com/i"
regexp:a_topsorted:10:any:"/topsorted\.com/i"
regexp:a_twelvemonths:10:any:"/twelvemonths\.org/i"
regexp:a_urlcutter:10:any:"/urlcutter\.com/i"
regexp:a_urlsnip:10:any:"/urlsnip\.com/i"
regexp:a_uranime:10:any:"/uranime\.com/i"
regexp:a_utairway:10:any:"/utairway\.com/i"
regexp:a_vipvirgins:10:any:"/vipvirgins\.net/i"
regexp:a_voserb:10:any:"/voserb\.com/i"
regexp:a_weblogpost:10:any:"/weblogpost\.com/i"
regexp:a_websamba:10:any:"/websamba\.com/i"
regexp:a_w3t:10:any:"/w3t\.org/i"
regexp:a_weblover:10:any:"/weblover\.org/i"
regexp:a_webspawner:10:any:"/webspawner\.com/i"
regexp:a_wordpress:8:any:"/wordpress\.com/i"
regexp:a_xoompages:10:any:"/xoompages\.com/i"
regexp:a_xxx-01:10:any:"/xxx\.com/i"
regexp:a_yesitisfree:10:any:"/yesitisfree\.com/i"

########################################
## Word specific blocks
########################################

##Casino
regexp:t_baccarat:6:title:"/baccarat/i"
regexp:a_casino:6:any:"/casino/i"
regexp:a_keno:6:any:"/keno/i"
regexp:a_poker:6:any:"/poker/i"
regexp:t_roulette:6:title:"/roulette/i"
regexp:a_slots:5:any:"/slots/i"

#Phones
regexp:a_ericsson:8:any:"/ericsson/i"
regexp:a_kyocera:8:any:"/kyocera/i"
regexp:a_motorola:8:any:"/motorola/i"
regexp:a_nextel:8:any:"/nextel/i"
regexp:a_nokia:8:any:"/nokia/i"
regexp:a_ringtone:8:any:"/ringtone/i"

#consoles
regexp:a_Nintendo:4:any:"/Nintendo/i"
regexp:a_playstation:4:any:"/playstation/i"
regexp:a_xbox:4:any:"/xbox/i"
regexp:a_PS3:4:any:"/PS3/i"

#Drugs and pharmacy
regexp:a_Acne:10:any:"/Acne/i"
regexp:a_Anatrim:10:any:"/Anatrim/i"
regexp:a_ativan:10:any:"/ativan/i"
regexp:a_alprazolam:10:any:"/alprazolam/i"
regexp:a_carisporodol:10:any:"/carisporodol/i"
regexp:a_cialis:10:any:"/cialis/i"
regexp:a_Clenbuterol:10:any:"/Clenbuterol/i"
regexp:a_enhancement:5:any:"/enhancement/i"
regexp:a_ephedra:10:any:"/ephedra/i"
regexp:a_ephedrine:10:any:"/ephedrine/i"
regexp:a_hcl:4:any:"/hcl/i"
regexp:a_lamictal:10:any:"/lamictal/i"
regexp:a_levitra:10:any:"/levitra/i"
regexp:a_Xanaax:10:any:"/Nicotrol/i"
regexp:a_Percocet:10:any:"/Percocet/i"
regexp:a_pharmacy:5:any:"/pharmacy/i"
regexp:a_pills:3:any:"/pills/i"
regexp:a_Pimple:5:any:"/Pimple/i"
regexp:a_phentermine:10:any:"/phentermine/i"
regexp:a_pheromones:10:any:"/pheromones/i"
regexp:a_Propecia:10:any:"/Propecia/i"
regexp:a_prozac:10:any:"/prozac/i"
regexp:a_Soma:3:any:"/Soma/i"
regexp:a_Steroids:7:any:"/Steroids/i"
regexp:a_tramadol:10:any:"/tramadol/i"
regexp:a_ultram:9:any:"/ultram/i"
regexp:a_viagra:10:any:"/viagra/i"
regexp:a_wellbutrin:10:any:"/wellbutrin/i"
regexp:a_xanax:10:any:"/xanax/i"
regexp:a_Xanax:10:any:"/Xanax/i"
regexp:a_Xanaax:10:any:"/Xanaax/i"
regexp:a_Zyban:10:any:"/Zyban/i"

#Porn and dating
regexp:a_alcohol:5:any:"/alcohol/i"
regexp:a_anal:10:any:"/anal/i"
regexp:a_blowjobs:10:any:"/blowjobs/i"
regexp:a_boobs:10:any:"/boobs/i"
regexp:a_Britney:5:any:"/Britney/i"
regexp:a_cum:6:any:"/cum/i"
regexp:a_cumshots:6:any:"/cumshots/i"
regexp:a_++++:10:any:"/++++/i"
regexp:a_dating:5:any:"/dating/i"
regexp:a_drunk:5:any:"/drunk/i"
regexp:a_ejaculation:10:any:"/ejaculation/i"
regexp:a_fisting:9:any:"/fisting/i"
regexp:a_gangbang:10:any:"/gangbang/i"
regexp:a_girlfriend:8:any:"/girlfriend/i"
regexp:a_horny:10:any:"/horny/i"
regexp:a_incest:10:any:"/incest/i"
regexp:a_juggs:8:any:"/juggs/i"
regexp:a_lesbian:10:any:"/lesbian/i"
regexp:a_milf:10:any:"/milf/i"
regexp:a_nudism:10:any:"/nudism/i"
regexp:a_penis:10:any:"/penis/i"
regexp:a_porn:4:any:"/porn/i"
regexp:a_rape:10:any:"/rape/i"
regexp:a_sex:4:any:"/sex/i"
regexp:a_shemale:10:any:"/shemale/i"
regexp:a_sexual:10:any:"/sexual/i"
regexp:a_tits:10:any:"/tits/i"
regexp:a_virgin:10:any:"/virgin/i"
regexp:a_webcam:6:any:"/webcam/i"
regexp:a_xxx:6:any:"/xxx/i"
regexp:a_whores:10:any:"/whores/i"

#Non English words
regexp:a_?:10:any:"/?/i"
regexp:a_?:10:any:"/?/i"
regexp:a_?:10:any:"/?/i"
regexp:a_?:10:any:"/?/i"
regexp:a_?:10:any:"/?/i"
regexp:a_?:10:any:"/?/i"
regexp:a_Giochi:10:any:"/Giochi/i"
regexp:a_Levione:10:any:"/Lezione/i"
regexp:a_Paginas:10:any:"/Paginas/i"
regexp:a_Registrierung:5:any:"/Registrierung/i"

#Miscellaneous
regexp:a_anime:5:any:"/anime/i"
regexp:a_bankruptcy:8:any:"/bankruptcy/i"
regexp:a_E-Gold:6:any:"/E-Gold/i"
regexp:a_estore:5:any:"/estore/i"
regexp:a_forex:10:any:"/forex/i"
regexp:a_Investor:3:any:"/Investor/i"
regexp:a_Rolex:5:any:"/Rolex/i"
regexp:a_surgery:3:any:"/surgery/i"
regexp:a_Stockbroker:4:any:"/Stockbroker/i"

Here is our updated spambuster rules. We are at about 90% effective right now. The ones getting by are typically rare single domain posts. Since we have people posting Hijack This log files, those occasionally get caught, but we are very happy with this latest file.

Our work on this updated text is 3 months and 282 replies from our moderators perfecting it! It uses a LOT of known spamming domains, so if your website allows a ton of html links, this wont work very well for you, but you can edit it yourself.

A good bit of re-write and time has gone into it, I hope it helps you as much as it has us.

Comments and suggestions welcome.

This is a fantastic ruleset. Thanks for sharing it. I've included it as the default to SpamBuster v1.1.0 which I'll be releasing in the next few moments.


finally got around to working on this, this should update the latest posts and counters in the forum you dump the spam reports in.

{code}

Nice work Kungfu. I've included code v.similar to that in v1.1.0 too. Thanks.

Ladies & Gentlemen. I'm happy to announce v1.1.0

https://vborg.vbsupport.ru/showthread.php?t=155242

Let me ask one question will this clean a board of spam thats already been posted. I cant find the answer to that. If it can how can we trigger it. I tried using maintenance but that was unsuccessful.

Had to uninstall this off my 3.5.4 it was moderating posts that didn't have keywords listed and prevented inline moderation of the unapproved posts. :(