Go Back   vb.org Archive > vBulletin Modifications > Archive > vB.org Archives > vBulletin 3.5 > vBulletin 3.5 Add-ons
FAQ Community Calendar Today's Posts Search

Reply
 
Thread Tools
SpamBuster v1.0.0 (Stable): Identify, log and remove spam posts on your forum Details »»
SpamBuster v1.0.0 (Stable): Identify, log and remove spam posts on your forum
Version: 1.0.0, by UK Jimbo UK Jimbo is offline
Developer Last Online: Mar 2013 Show Printable Version Email this Page

Version: 3.5.4 Rating:
Released: 03-01-2006 Last Update: 06-14-2006 Installs: 158
Uses Plugins
 
No support by the author.

This is the v3.5 version of vbSpamBuster that I wrote for vBulletin v3.0.x This version adds some new features.

What does it do?
It spots posts that could potentially be spam then (depending on option settings) creates a thread alerting site admin/moderators about the post and/or hides the post from view.

How does it identify the spam?
All off the posts for users with a post count of less than 10 (configurable) have their posts checked against a number of rules. Each rule has a different "score". If the total score for the post exceeds a specified limit then the post is deemed to be spam.

Can I add my own rules?
The installer file has a default rule set with it, you may wish to customise the rules in the options section of the AdminCP. The rules system is fairly simple to add to, in simple terms each rule is a perl regular expression and a score.

How do I install it?
Import the product via the Product Manager in the AdminCP. The options group and plugins will be added to your system. Now would be a good time to click the install link on here to record the fact that you've installed it.

How do I configure it?
Head to the "SpamBuster" option group in the "vBulletin Options" section of your AdminCP. Fill in the relevant fields. Further documentation will follow but it should be obvious what each setting does for the moment.

How do I upgrade?
Just run a regular install. It's worth backing up your settings particluarly the rules before performing the upgrade. If you're upgrading from v0.3.2 to v1.0.0 you can just download the attached rules file and add it via the admincp as there have been no code changes.

How can I test it?
Try posting a new thread/post with some trigger values in it. The string ekmas.com should do the trick.

Help it's broken my forum!
Erm, that's not an intended feature. Disable all six of the plugins that are part of the product "SpamBuster" and post an error report to this thread. The forum will work fine.

Why doesn't it do x,y or z?
Because I've either not thought about it yet or I've not written it yet. Please drop a post into this thread with any (sensible!) suggestions.

Can I use it commercially?
You're free to use it for whatever purpose comercially/privately as long as you don't resell the code. It's released under the LGPL, see the link below for futher info. If you find this plugin useful and you'd like to make a donation please use the "donate" button below.




This software is licenced under the CC-GNU LGPL.


Changelog
  • 15th June 2006 - v1.0.1 - Updated list of rules uploaded as a text file
  • 6th April 2006 - v1.0.0 - Stable release: code remains the same but the rules file has changed.

Supporters / CoAuthors

Show Your Support

  • This modification may not be copied, reproduced or published elsewhere without author's permission.

Comments
  #132  
Old 11-01-2006, 01:45 AM
Kungfu Kungfu is offline
 
Join Date: Dec 2005
Posts: 242
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by d360
I'm trying to add a rule for sex and using one that currently works:

#Phones
regexp:a_sidekick:3:any:"/sidekick/i"

I've tried pasting all sorts of variations of this and none catch as spam and place it in the spam forum directory.

Here's my tests:

#Sex
regexp:a_badword:10:any:"/.com/i"
regexp:a_badword:10:any:"/i"
regexp:a_badword:10:any:"//i"


none of these work. any help would be appreciated.
first you need to make a variable for each regex.

Code:
## SpamBuster config file
# tests are in the format:
# type:name:score:section:expression

## Title tests
# title starts with free
regexp:t_free:3:title:"/^free/i"
# title starts with free and ends in an exclaimation mark
regexp:t_freebang:3:title:"/^free.*!$/i"
# title ends with three exclamation marks
regexp:t_3bangs:3:title:"/.*!!!$/i"

## Tests title and body
# contains a price in dollars
regexp:a_dollar:5:any:"/\$[\d\.]+/"
# lists a % discount offer
regexp:a_percent:3:any:"/\d+%/i"


#anything related to sex
regexp:a_viagra:3:any:"/viagra/i"
regexp:a_penis:3:any:"/penis/i"
regexp:a_erect:3:any:"/erect/i"
regexp:a_pussy:3:any:"/pussy/i"
regexp:a_barn:3:any:"/barn/i"
regexp:a_zoo:3:any:"/zoo/i"
regexp:a_porn:3:any:"/porn/i"
regexp:a_sex:3:any:"/sex/i"

#other things
regexp:a_drug:3:any:"/drug/i"
regexp:a_fedex:5:any:"/fedex/i"
regexp:a_dhl:5:any:"/dhl/i"
regexp:a_ups:5:any:"/ups/i"


#any link
regexp:a_url:10:any:"/http:\/\//i"
regexp:a_www_url:10:any:"/www\./i"
regexp:a_url2:10:any:"/[^="]http|ftp|gopher[^ \n\r]+(?=[\s\.,])/i"

#Phones
regexp:a_sidekick:3:any:"/sidekick/i"
regexp:a_nokia:3:any:"/nokia/i"
regexp:a_ericsson:3:any:"/ericsson/i"
regexp:a_motorola:3:any:"/motorola/i"
regexp:a_nextel:3:any:"/nextel/i"
regexp:a_kyocera:3:any:"/kyocera/i"


#computers
regexp:a_laptop:3:any:"/laptop/i"
regexp:a_dell:3:any:"/dell/i"
regexp:a_alienware:3:any:"/alienware/i"
regexp:a_apple:3:any:"/apple/i"
regexp:a_ipod:3:any:"/ipod/i"
regexp:a_toshiba:3:any:"/toshiba/i"
regexp:a_vaio:3:any:"/vaio/i"
regexp:a_ibm:3:any:"/ibm/i"
regexp:a_acer:3:any:"/acer/i"

#pills
regexp:a_meds:5:any:"/meds/i"
regexp:a_pharmacy:5:any:"/pharmacy/i"
regexp:a_clickhere:5:any:"/click here/i"

#consoles
regexp:a_xbox:3:any:"/xbox/i"
regexp:a_playstation:3:any:"/playstation/i"
regexp:a_playstation1:3:any:"/play station/i"

#Casino spam
regexp:t_cardstud:3:title:"/online seven card stud/i"
regexp:t_888casino:3:title:"/888 Casino/i"
regexp:t_freeslots:3:title:"/free slots/i"
regexp:t_onlinepoker:3:title:"/online poker tournament/i"
regexp:t_videopoker:3:title:"/video poker/i"
regexp:t_pokerrooms:3:title:"/online poker rooms/i"
regexp:t_freeslots:3:title:"/free slots/i"
regexp:t_baccarat:3:title:"/baccarat/i"
regexp:t_online7:3:title:"/online seven card stud/i"
regexp:t_roulette:3:title:"/roulette/i"
regexp:a_888:3:any:"/888\.com/i"
regexp:a_ajcarvelli:3:any:"/ajcarvelli\.com/i"
regexp:a_7cardstud:3:any:"/seven card stud/i"
regexp:a_stud:3:any:"/stud/i"
regexp:a_baccarat:5:any:"/baccarat/i"
regexp:a_casino:3:any:"/casino/i"
regexp:a_online:3:any:"/online/i"
regexp:a_free:3:any:"/free/i"
regexp:a_slots:3:any:"/slots/i"
regexp:a_keno:3:any:"/keno/i"

## Known spam sites
regexp:a_dotdeals:10:any:"/dotdeals\.com/i"
regexp:a_ekmas:10:any:"/ekmas\.com/i"
regexp:a_qckjmp:10:any:"/c\.qckjmp\.com/i"
regexp:a_websponsors:10:any:"/\.websponsors\.com/i"
regexp:a_wonderyears:10:any:"/\.wonderyears\.com/i"
regexp:a_lynxtrack:10:any:"/\.lynxtrack\.com/i"
regexp:a_getodp:10:any:"/\.getodp\.com/i"
regexp:a_actualdeals:10:any:"/\.actualdeals\.com/i"
regexp:a_pdv001:10:any:"/\.pdv001\.com/i"
regexp:a_eajmp:10:any:"/\.eajmp\.com/i"
regexp:a_aftrk.com:10:any:"/\.aftrk\.com/i"
regexp:a_lps999.com:10:any:"/\.lps999\.com/i"
regexp:a_e2save.com:10:any:"/\.e2save\.com/i"
regexp:a_qksrv.net:10:any:"/\.qksrv\.net/i"
regexp:a_dse500.com:10:any:"/\.dse500\.com/i"
regexp:a_bag1881.com:10:any:"/\.bag1881\.com/i"
regexp:a_esrmtech.com:10:any:"/\.esrmtech\.com/i"
regexp:a_jokescratchcards:10:any:"/jokescratchcards/i"
regexp:a_83332:10:any:"/83332/i"
regexp:a_eaziit:10:any:"/eazi\.it/i"
regexp:a_bravehost:10:any:"/bravehost\.com/i"
regexp:a_dailyunique:10:any:"/dailyunique\.com/i"
regexp:a_en+++++:10:any:"/en+++++\.com/i"
regexp:a_putzamare2004:10:any:"/putzamare2004/i"
regexp:a_cpsasales:10:any:"/cpsasales\.co\.uk/i"
regexp:a_madhouse21:10:any:"/madhouse21/i"
regexp:a_raelian:10:any:"/rael\.org/i"
regexp:a_speedflip:10:any:"/speedflip\.com/i"
regexp:a_fredphones:10:any:"/fredphones/i"
regexp:a_watchgem:10:any:"/watchgem\.com/i"
regexp:a_250free:10:any:"/250free\.com/i"
regexp:a_bagluxury:10:any:"/bagluxury\.com/i"
regexp:a_greatnow:10:any:"/greatnow\.com/i"
regexp:a_ampd:10:any:"/ampd\.com/i"
regexp:a_remster5:10:any:"/remster5/i"
regexp:a_tipcell:10:any:"/tipcell\.com/i"
regexp:a_hotxxxstuff:10:any:"/hotxxxstuff\.com/i"
regexp:a_pochrist:10:any:"/thepassionofthechrist/i"
regexp:t_feelsad:10:title:"/This picture may make some of you feel sad/i"
regexp:a_winme:10:any:"/win-me\.biz/i"
regexp:a_pharmacy1010:10:any:"/pharmacy1010\.com/i"
regexp:a_picfury:10:any:"/picfury\.com/i"
regexp:a_mightybody:10:any:"/mightybody\.com/i"
regexp:a_winantispyware:10:any:"/winantispyware\.com/i"
regexp:a_systemdoctor:10:any:"/systemdoctor\.com/i"
regexp:a_rogalik:10:any:"/rogalik\.net/i"
regexp:a_aapurse:10:any:"/aapurse\.com/i"
regexp:a_freepay:10:any:"/freepay\.com/i"

# Other string based stuff
regexp:a_pochrist:10:any:"/thepassionofthechrist/i"
regexp:t_feelsad:10:title:"/This picture may make some of you feel sad/i"

regexp:a_email:10:any:"/\b[A-Z0-9._%-]+@[A-Z0-9.-]+\.[A-Z]{2,4}\b/i"

note i have

regexp:a_url:10:any:"/http:\/\//i"
regexp:a_www_url:10:any:"/www\./i"
regexp:a_url2:10:any:"/[^="]http|ftp|gopher[^ \n\r]+(?=[\s\.,])/i"


for some reason the first one would not work but my second one does. Looks complicated but basically it trys to find http ftp or gopher. you can also do something like

regexp:a_url2:10:any:"/[^="]http|ftp|gopher|com|www[^ \n\r]+(?=[\s\.,])/i"
but note on the www. its /www\./i, btw the i is to ignore case. So it basically converts it to lowercase and then checks. But its /www\./ because of the period. otherwise you could do /www/i which will find that exact value unless you have a unique character like a period then you have to do something like shown above.
Reply With Quote
  #133  
Old 11-01-2006, 01:54 AM
Kungfu Kungfu is offline
 
Join Date: Dec 2005
Posts: 242
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by webghey
then below it a few posts you had this :
https://vborg.vbsupport.ru/showpost....3&postcount=74

I'm not getting any help in this thread, and I'm not sure where you placed that code. I'm getting the same error that you posted and it looks as though you've fixed it on your site?

I get that error if I try to validate in the admincp, AND I get almost the same error if I try to run the RSS posting hack. It throws an SB_Test error which I mentioned on page 9 of that thread about spambuster.

Any help would be great.
BTW you can also do whats on post 74, same area where i said above.
Reply With Quote
  #134  
Old 12-07-2006, 10:41 PM
<MG>CP <MG>CP is offline
 
Join Date: Feb 2003
Posts: 22
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quick note that it worked for me for anyone else looking to solve this problem, it beats installing, uninstalling, disabling, etc. Thanks for that!

Quote:
Go to Plugin Manager, find Hook Location : postdata_presave

Then click SpamBuster: Normal posts check

Change
PHP Code:
$GLOBALS['sbhits'] = sb_test($this); 
PHP Code:
if ((strstr($_SERVER['REQUEST_URI'],'admincp') !== FALSE) && (strstr($_SERVER['REQUEST_URI'],'modcp') !== FALSE)) 
{
$GLOBALS['sbhits'] = sb_test($this);

Worked for me, should work for you.
Reply With Quote
  #135  
Old 12-08-2006, 07:22 PM
<MG>CP <MG>CP is offline
 
Join Date: Feb 2003
Posts: 22
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quick thanks and an atta-boy for this hack. I have been customizing the text file for the past day or two. It is currently 99% accurate at spotting spam and has cut down the reported posts (the main goal) 90% on the first day. Our users never see the spam, our moderators can handle it easier, a true win\win for everybody... except the spammers.
Reply With Quote
  #136  
Old 12-15-2006, 01:12 PM
ScubaAddict ScubaAddict is offline
 
Join Date: Dec 2005
Posts: 9
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

I have upgraded to 3.6.4 - thought it was working ok, but apparently it only works for thread replies. If a new post is made, it is not checked, but reply to any post, and the post will be flagged correctly.

Does anyone know how I can fix this?
Reply With Quote
  #137  
Old 01-10-2007, 09:14 AM
87GTR 87GTR is offline
 
Join Date: Apr 2002
Posts: 24
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Great Mod thanks. stopped 10 spam the 1st 24 hours. can it be changed alittle? I would like to autoban the user and delete tread or post at the same time

can that be an option you can enable?

or have the moderate icon clickable, so when you click on it will delete the tread and ban the user

Also can this be used on PM's I have a few spam bots some and start sending spam via PM too
Reply With Quote
  #138  
Old 01-18-2007, 11:40 AM
Hornstar Hornstar is offline
 
Join Date: Jun 2005
Location: Australia
Posts: 2,469
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

I saw this in use on a few other sites. nice work.
Reply With Quote
  #139  
Old 02-20-2007, 12:07 PM
<MG>CP <MG>CP is offline
 
Join Date: Feb 2003
Posts: 22
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Here is our updated spambuster rules. We are at about 90% effective right now. The ones getting by are typically rare single domain posts. Since we have people posting Hijack This log files, those occasionally get caught, but we are very happy with this latest file.

Our work on this updated text is 3 months and 282 replies from our moderators perfecting it! It uses a LOT of known spamming domains, so if your website allows a ton of html links, this wont work very well for you, but you can edit it yourself.

A good bit of re-write and time has gone into it, I hope it helps you as much as it has us.

Comments and suggestions welcome.
Reply With Quote
  #140  
Old 02-24-2007, 09:00 PM
Halarkin Halarkin is offline
 
Join Date: May 2004
Posts: 21
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

I've installed this hack, but as a result, it has broken my Moderate Posts function. If it catches a false positive, I have to disable the product, approve the post, then re-enable it.
Reply With Quote
  #141  
Old 04-27-2007, 11:50 AM
Rafe Rafe is offline
 
Join Date: Jul 2003
Posts: 13
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by ScubaAddict View Post
I have upgraded to 3.6.4 - thought it was working ok, but apparently it only works for thread replies. If a new post is made, it is not checked, but reply to any post, and the post will be flagged correctly.

Does anyone know how I can fix this?
I'm also having this problem. It did work OK, but doesn't seem to now.
Reply With Quote
Reply


Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT. The time now is 06:43 AM.


Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2024, vBulletin Solutions Inc.
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.04757 seconds
  • Memory Usage 2,333KB
  • Queries Executed 26 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)ad_showthread_beforeqr
  • (1)bbcode_code
  • (2)bbcode_php
  • (4)bbcode_quote
  • (1)footer
  • (1)forumjump
  • (1)forumrules
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (1)modsystem_post
  • (1)navbar
  • (6)navbar_link
  • (120)option
  • (1)pagenav
  • (1)pagenav_curpage
  • (3)pagenav_pagelink
  • (1)pagenav_pagelinkrel
  • (11)post_thanks_box
  • (11)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (11)post_thanks_postbit_info
  • (10)postbit
  • (11)postbit_onlinestatus
  • (11)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open
  • (1)tagbit_wrapper 

Phrase Groups Available:
  • global
  • inlinemod
  • postbit
  • posting
  • reputationlevel
  • showthread
Included Files:
  • ./showthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 

Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showthread_start
  • showthread_getinfo
  • forumjump
  • showthread_post_start
  • showthread_query_postids
  • showthread_query
  • bbcode_fetch_tags
  • bbcode_create
  • showthread_postbit_create
  • postbit_factory
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • fetch_musername
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • pagenav_page
  • pagenav_complete
  • tag_fetchbit_complete
  • forumrules
  • navbits
  • navbits_complete
  • showthread_complete