[imported_silkroad]

Quote:

Originally Posted by skippybosco

@imported_silkroad: What is the IP address in question? Have you reported it to the admins at Stop Forum Spam so it can be investigated and potentially removed from the database?

Consider a few possibilities:

1) The IP address has been recycled and is no longer being used by Sun MicroSystems
2) Could very well be a compromised machine of a Sun MicroSystems employee (like the 43 companies that were recently had employees computers compromised such as Google, Adobe, Microsoft, Yahoo, etc)
3) Could very well be a Sun MicroSystem employee trolling/flaming forums from their work computer (while not a traditional "bot" activity, many admins still consider this "pollution" of their forums and as such will report it.

That being said, you're correct that until the "reputation" system is in place and refined, there is a chance that someone could enter a valid IP address into the database intentionally or accidentally. There are, however, things you can do as an admin to reduce the impact of such a thing:

1) make use of the additional details available from the API such as "last seen" and "frequency reported". Unless someone is maliciously targeting a specific IP, the likelihood of multiple entries in a short period of time are fairly low.
2) set your configuration to not "block" registration but rather quarantine the "suspect" users (ie. those with matching info) to more restrictive VB usergroups and either have their posts content validated by something like AkiSmet (automated) or moderated (manually) and then make use of promotion rules within vB to automate their transition to non-quarantined. Even without fear of "data pollution" this is a sound strategy that I employ on my sites.

No, it was non of those scenarios.

I spoke directly to the Sun employee, who is very professional and very intelligent. They were actually kind enough to contact us and tell us of the problem.

I have a lot of experience with problems with abuse of user-generated blacklists for anti-spam, etc going back nearly 15 years.

The database used for this mod has serious problems.

I like your strategies above to reduce impact and will consider them before removing this mod, which is causing more problems than benefit as our other anti-spam plugins that do not use the Stop Forum Spam database are "pretty good" and do not lock out perfectly good registrations!

PS: There is no way we will spend time reporting problems to the Stop Forum Spam admins. This would take more time that deleting spammers!! The admins of Stop Forum Spam should validate better. Their system is really bad and does block good people consistently, we have seen this.

In addition, anyone can report an IP address and use this malicious to hurt others. It is unfair to put the validation on the end user or forums who have problems. The db should have a better validation algorithm, period!