Just a comment: the spambots have figured out the pattern used [#1140554]

I just installed and enabled Spamicide today. Then turned Captcha off to see how well it worked.
Within 10 minutes I had 3 comments added that were caught by Anti-Spam. Looks like they
have worked out the Spamicide mechanisms and work around it. I tried changing the field name
and no luck. I even changed the text for the field and they are still getting through to the next level.

Just thought I would report my findings.

I started with 6x-1.9 and then tried with 6x-1.x-dev and they are still getting through.

Comments

Comment #1

Ela CreditAttribution: Ela commented 29 April 2011 at 20:49

Are you sure that they are spambots and not actual people posting spam? (in which case they wont see the hidden field)

Comment #2

dougm CreditAttribution: dougm commented 30 April 2011 at 16:13

I suppose it could be people doing it but the timing and consistency makes me think spambot. They settled down to every 10 minutes like clockwork and it went on for several hours before I turned Captcha back on. Are there tests I can do to verify user vs. spambot.

Comment #3

hutch CreditAttribution: hutch commented 30 April 2011 at 17:03

Can you see in the logs how quickly the return from the form request is? If it is a few seconds it's likely a bot.

Comment #4

dougm CreditAttribution: dougm commented 1 May 2011 at 07:32

It looks like about a second or two. I'll need to monitor a bit more but for now I have Captcha turned back on.

Comment #5

hutch CreditAttribution: hutch commented 2 May 2011 at 00:47

Well it looks like this bot either knows it's on a Drupal site with spamicide enabled (not difficult, it's in the header) or it is parsing the css looking for display: none; as applied to a form id.

Comment #6

buzzman CreditAttribution: buzzman commented 19 May 2011 at 13:43

Just an idea >>>

- what if you apply the CSS with simple JS or with jQuery (using the input field's ID)

- also don't use the Spamicide CSS/JS files and instruct users to include those via an already existing custom mod or in some other mod that isn't related to SPAM, so then there's nothing in the header to shout the name of the mod (this WILL def fool the bot)

haven't tried the module ... just scanning the issues and this occured to me, so posted here.

If this doen't work then surely the bots gettin smarter ;-) huh?