I'd second Orna's approach, with a refinement:

   - IP range ban should be temporarily
   - only select eu/us/ca ISPs' abuse teams should be contacted.

Also, worth mentioning:
I've just snooped around for python IP ownership lookups (via RIRs DBs) and
found no 1 tool for this.
It is strange, maybe people approach this problem differently ?
Like a fail2ban hook maybe ? (http://www.fail2ban.org/wiki/index.php/Apache)


On Thu, Sep 19, 2013 at 5:24 PM, Eli Billauer <e...@billauer.co.il> wrote:

> **
> Hi all,
> I'm running a little phpBB forum, which is being bomarded by attempts to
> submit spam posts. I've solved the core problem already (i.e. preventing
> the spamming itself and the flood of new users) down to zero, but I've
> noticed a huge amount of attempts -- I'm at ~800,000 hits per month, and
> it's not getting any better.
> It's quite easy to tell a spammer's IP watching the HTTP logs, so it's not
> a big deal to write a simple script and find the offending IPs, and block
> the worst of them individually. In fact, I've already done that.
> But now I want revenge: I'd like to make the spammers' hosting providers
> aware of their user activity. Is there any convention on how to
> automatically track down who should be contacted for each and every IP? Or
> maybe some database, where hosting providers are really looking?
> I expect some dozens of these every month. So an automated reporting
> method should be possible.
> Thanks in advance,
>    Eli
>  --
> Web: http://www.billauer.co.il
> _______________________________________________
> Haifux mailing list
> Haifux@haifux.org
> http://haifux.org/mailman/listinfo/haifux

Maxim Kovgan
Haifux mailing list

Reply via email to