Talk:Spam blacklist/Archives/2018-12


Proposed additions

  This section is for completed requests that a website be blacklisted

robert-matthees.de

Spammed primarily on en-Wiki and de-Wiki, very sporadically on other Wikis.

Systematic recurring spam for a marketing consultant (= a blogger and occasional speaker) by various single-purpose IPs and the apparent site owner, see COI reports. The cxo.co.com domain is probably an outdated mirror domain, but please blacklist it too to be safe. GermanJoe (talk) 08:56, 5 December 2018 (UTC)

@GermanJoe:   Added to Spam blacklist. Noticed on en.wikipedia by GermanJoe, but also reverted on de.wikipedia (see diff, where one of the IPs re-inserts after a removal ..). The list of wikis is rather long, though on most other wikis it indeed involves only 1 or 2 additions. Obvious conflict of interest, no declarations per m:Terms of use. Enough warned, no discussion. --Dirk Beetstra T C (en: U, T) 10:12, 5 December 2018 (UTC)

TLD/__media__/js/netsoltrademark.php controversial?

How controversial do people think that it would be to blacklist something like

\.(?:com|net|org|info)/__media__/js/netsoltrademark\.php

as that referring type spam is becoming quite prevalent, eg. a url like http://vaccineh5n1.info/__media__/js/netsoltrademark.php?d=sergiubaluta.com%2Fsite%2Fredirect.php%3Furl%3…
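As a quick illustration of what the proposed pattern would and would not catch (the blacklist itself is matched as PCRE on the server, but Python's `re` behaves the same for this fragment; the URLs below are hypothetical examples, not taken from the logs):

```python
import re

# The pattern proposed above, restricted to four common TLDs.
pattern = re.compile(r"\.(?:com|net|org|info)/__media__/js/netsoltrademark\.php")

# Hypothetical URLs for illustration only.
spam = "http://example.info/__media__/js/netsoltrademark.php?d=example.com"
clean = "http://example.org/js/netsoltrademark/about.html"

print(bool(pattern.search(spam)))   # True  - ".info/__media__/js/netsoltrademark.php" present
print(bool(pattern.search(clean)))  # False - path lacks the "/__media__/js/" component
```

The `/__media__/js/` path component is specific enough that ordinary links are very unlikely to trip it.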

For those who can see abuse filters and log

Getting it out of abuselog and solely into log/spamblocklist would give some clarity when checking the logs of potential edits, rather than having to sort through the fails.

Noting that I am going to deal separately with the issue of abusefilter and spamblacklist coinciding logging through phabricator.  — billinghurst sDrewth 11:53, 11 December 2018 (UTC)

@Billinghurst: I don't believe that something so specific would result in false positives. --Dirk Beetstra T C (en: U, T) 10:12, 12 December 2018 (UTC)
Not added, actually - I now see it is not in a {{BLRequestRegex}}, and the script hence chokes. --Dirk Beetstra T C (en: U, T) 10:13, 12 December 2018 (UTC)
Regex requested to be blacklisted: \.(\w+)/__media__/js/netsoltrademark\.php ?? --Dirk Beetstra T C (en: U, T) 10:14, 12 December 2018 (UTC)
@Billinghurst:   Added to Spam blacklist. -- — billinghurst sDrewth 10:26, 12 December 2018 (UTC)

ed.ted.com/on/ used spam host

Regex requested to be blacklisted: \bed\.ted\.com/on/ Internal regex for ted.com where people can build their own educational material. As can be expected, this is now being exploited by spammers, and the content in itself is not necessarily peer reviewed. Content is not to be trusted, and should only be utilised by exemption until ted.com has better means for dealing with spam. I will contact ted.com to see what they will and can do.  — billinghurst sDrewth 01:25, 23 December 2018 (UTC)

@Billinghurst:   Added to Spam blacklist. -- — billinghurst sDrewth 01:25, 23 December 2018 (UTC)
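For reference, the `\b` anchor in the requested pattern keeps the rule from firing inside a longer hostname that merely happens to end in "ed". A minimal check with Python's `re` (the blacklist is PCRE, but the behaviour is identical here; the second hostname is an invented example):

```python
import re

# Requested pattern; \b requires a word boundary before "ed".
pattern = re.compile(r"\bed\.ted\.com/on/")

print(bool(pattern.search("https://ed.ted.com/on/abc123")))      # True  - "/" before "ed" is a boundary
print(bool(pattern.search("https://indeed.ted.com/on/abc123")))  # False - "ed" sits inside "indeed"
```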

papodemusculacao.com.br



Spambot. —MarcoAurelio (talk) 10:26, 26 December 2018 (UTC)

  Added —MarcoAurelio (talk) 11:44, 26 December 2018 (UTC)

fwto.eu



URL shortener used for spamming on Commons. --Achim (talk) 20:44, 25 December 2018 (UTC)

  Added —MarcoAurelio (talk) 10:24, 26 December 2018 (UTC)

Proposed removals

  This section is for archiving proposals that a website be unlisted.

Troubleshooting and problems

  This section is for archiving Troubleshooting and problems.

Discussion

  This section is for archiving Discussions.

COIBot and the spam blacklist log

COIBot is currently, in the 'free time' of the report saving module, back-parsing the spam blacklist log, one wiki at a time. It turns out that one wiki is a humongous chunk of data, and that the bot spends quite some time before starting to parse reports again. Please be patient while this operation runs. The data is stored with the regular link additions, and the bots will then access it in the same way as usual.

That likely results in certain parts of COIBot's reporting functions (on wiki and on IRC) showing strange results, as some code may not understand how things are stored. I will resolve that later. --Dirk Beetstra T C (en: U, T) 17:53, 1 December 2018 (UTC)

@Beetstra: Are there things that we should not do as they may hinder the process; or things that we should moderate/lessen in doing?  — billinghurst sDrewth 23:48, 1 December 2018 (UTC)
Just be patient with it .. —Dirk Beetstra T C (en: U, T) 00:07, 2 December 2018 (UTC)
@Beetstra: FYI: note that COIBot is writing to the wiki where quickcreate is requested; however, it is not recording its standard analysis from "report xwiki ...". The requests pass through in time, but are not written up at this point in time.  — billinghurst sDrewth 12:55, 16 December 2018 (UTC)
@Billinghurst: I will have a look this evening. COIBot is running 2 LinkSavers, one parsing blacklists, the other one not. Unfortunately, that is prone to crashes. I presume that currently both are on a blacklist parsing the whole thing. I just hope that the one parsing en.wikipedia is done soon, but there are hellish months in the history of that (spambots hitting thousands of times an hour, back in 2015, see e.g. https://en.wikipedia.org/w/index.php?title=Special:Log/spamblacklist/91.200.12.79&action=edit&redlink=1). --Dirk Beetstra T C (en: U, T) 13:25, 16 December 2018 (UTC)
@Billinghurst: bot was confused .. I restarted the LinkSaver that should be saving. It borked (nothing you can solve from IRC .. unfortunately). Just to illustrate, the blacklist parser spent the last 13 1/2 hours parsing the 2nd of May 2015 ... --Dirk Beetstra T C (en: U, T) 17:31, 16 December 2018 (UTC)