How to get rid of a spammer?

[Lichme2]

I run a gaming website, and there is some moron that is mad because he thinks he can do whatever he wants on our servers.  He has been banned, and now he is spamming our website with a bunch of racist crap.  He connects through a proxy so an IP ban is useless.  I really don't want to enable admin user verification, and was hoping there was something else I could do.  The site is a postnuke based site.

[teng84]

how does he spam the site?

 

maybe this would help

 

try to get the ip address of the users and from there do some action or do some confirmation

so when the spammer logged he or she will not get the direct access with your site

[Lichme2]

They just register over and over and post racist comments and other comments of the same nature.  I have tried quite a few things.  IP blocks, user bans, I even put up a phony thing that redirected his username to a notice saying that a virus was uploaded to his machine.  The only actual thing I havent done is given him the virus, and I probably would if I knew how via php.

[cooldude832]

does your registration have an email requirement meaning the ymust confirm their account via  an email with a magic variable listed in it?

 

edit:

 

This will allow you to slow them down because they will need a valid email address every time they try and sign up and they will eventually hit the wall there and get bored

[teng84]

hmm can we see your site

 

any way have you tried cooldude suggestion

[cooldude832]

teng we should team up on some projects because there doesn't seem to be a question we can't answer togehter

[teng84]

i dont know you always watch my back hehe

 

any ways yours idea is good

[Yesideez]

Lichme2, I have a script to read IP addresses through proxys if you want it.

 

Only problem is, if he's not on a static IP then it won't have much effect and you could end up perm banning an IP in a pool...

 

Once you get his real IP, perform a WHOIS lookup on it and report him to his ISP for abuse.

[Lichme2]

Sure, the site is www.thetwistednetwork.net

 

I'd like that script if you got it lying around, I reported him once about a year ago to his ISP (I had his IP before he started using proxies), then he stopped.  He has since moved and appears to only be using proxies.  I have already set it up so that you have to verify email addresses, but hotmail makes it easy enough to get.

[cooldude832]

This might sound harsh, but maybe you might need to ban hotmail emails from signing up

[cooldude832]

also a truning number system would be a smart idea look into the GD library to help you there, but basically you would need to develop your own or find a script out there