Talk:Spam blacklist

From Meta, a Wikimedia project coordination wiki

Jump to: navigation, search
Requests and proposals Spam blacklist Archives (current)→
Shortcut:
WM:SPAM
WM:SBL
The associated page is used by the MediaWiki Spam Blacklist extension, and lists strings of text that may not be used in URLs in any page in Wikimedia Foundation projects (as well as many external wikis). Any meta administrator can edit the spam blacklist. There is also a more aggressive way to block spamming through direct use of $wgSpamRegex. Only system administrators can make changes to $wgSpamRegex, and its use is to be avoided whenever possible. For more information on what the spam blacklist is for, and the processes used here, please see Spam blacklist/About.
Proposed additions
Please provide evidence of spamming on several wikis. Spam that only affects a single project should go to that project's local blacklist. Exceptions include malicious domains and URL redirector/shortener services. Please follow this format. Please check back after submitting your report, there could be questions regarding your request.
Proposed removals
Please check our list of requests which repeatedly get declined. Typically, we do not remove domains from the spam blacklist in response to site-owners' requests. Instead, we de-blacklist sites when trusted, high-volume editors request the use of blacklisted links because of their value in support of our projects. Please consider whether requesting whitelisting on a specific wiki for a specific use is more appropriate - that is very often the case.

Please sign your posts with ~~~~ after your comment. This leaves a signature and timestamp so conversations are easier to follow.

Completed requests are marked as {{added}}/{{removed}} or {{declined}}, and are generally archived (search) quickly. Additions and removals are logged.

Other discussion
Troubleshooting and problems - If there is an error in the blacklist (i.e. a regex error) which is causing problems, please raise the issue here.
Discussion - Meta-discussion concerning the operation of the blacklist and related pages, and communication among the spam blacklist team.
#wikimedia-external-links - Real-time IRC chat for co-ordination of activities related to maintenance of the blacklist.
Projects

Information

Tools

Requests

snippet for logging
{{sbl-log|1781254#{{subst:anchorencode:SectionNameHere}}}}

Contents

[edit] Proposed additions

Symbol comment vote.svg This section is for proposing that a website be blacklisted; add new entries at the bottom of the section, using the basic URL so that there is no link (example.com, not http://www.example.com). Provide links demonstrating widespread spamming by multiple users on multiple wikis. Completed requests will be marked as {{added}} or {{declined}} and archived.

[edit] co.cc again

co.cc
(Search: Google | en (G) | fr (G) | de (G) | meta (G) | backlinks | → links ←)co.cc

(LinkSearch: meta | en | de | fr | simple | largest 20/57 Wikipedias)

(DomainTools: whois | AboutUs | Malware? | Alexa | OnSameHost | WhosOnMyServer)

(Reports: LinkReport ? | XWiki ? | Local | en | spam archives | find entry)

MZMcBride removed this entry. Wikipedia claims that the domain is not a real TLD and is used for URL redirectors. On that basis, I think it should be re-added with a preceeding dot: \.co\.cc\b  — Mike.lifeguard | @en.wb 19:43, 11 November 2009 (UTC)

Having had to deal with a lot of the spam links, I strongly endorse restoring this link. No offense, MZM, but this one should have been discussed first before removal. --Ckatz 10:05, 13 November 2009 (UTC)
It's clearly not just being used for URL redirection. As the Wikipedia article notes, it can be used as a real DNS. .com is capable of URL redirection and brings in a lot more spam. I don't think blacklisting an entire TLD or ccTLD (real or not) is a good idea, though I can understand it's the simplest solution. Is there a complementary global whitelist? Do we have any idea how many false positives this addition to the blacklist will cause? --MZMcBride 10:42, 13 November 2009 (UTC)
Do you have any evidence supporting your reason for removal? Discussion when working with others is critical, and your flippant response to my query is worrying.
As to the substantive issue: Yes, there will be candidates for whitelisting, that was acknowledged and addressed from the initial request for blacklisting. I haven't seen that the rate is unacceptable, which you simply take as a premise, and we have helped users to request whitelisting where necessary, and will continue to do so.  — Mike.lifeguard | @en.wb 14:56, 13 November 2009 (UTC)
Flippant? You've globally blacklisted an entire ccTLD, which has broad implications on 700+ projects, plus an unknown number of sites that also use this list. This entry in particular is creating an unknown (and possibly high) number of false positives (I'm only here because there was a local problem at en.wiki regarding what appears to be an entirely valid URL and it was baffling how the URL could be blacklisted). Here's the diff of you broadening the regex—where was the discussion for doing this? I don't see anything in the log, though admittedly the log is nearly impossible to navigate. (If there is no discussion, what was the rationale? Is there supporting data to suggest that the only possible approach here is to block the entire ccTLD, an obviously extreme tactic?) --MZMcBride 16:33, 13 November 2009 (UTC)
I think you missed this.  — Mike.lifeguard | @en.wb 16:36, 13 November 2009 (UTC)
Are discussions on this talk page archived anywhere? I checked the log (silly me, I know). Reading the old discussion, I'm still baffled about the rationale here. It can be used for URL redirection. So can literally any other domain (top-level or otherwise). That's not an argument to ban any and all uses of it. If there's evidence that this domain is unmanageable and won't result in an excessive number of false positives, I don't have an issue with including such a broad regex. But I'd like there to be some specific data to point to, not just "can be used for URL redirection," which I consider a non-argument. --MZMcBride 16:42, 13 November 2009 (UTC)
Not "can" -- "is" (well, "was" until you removed it :D). You can see User:COIBot/XWiki/co.cc for a small taste (too many results to generate the large taste) - or the original request. Anecdotally, yes, we know it was abused cross-wiki; that's why I added it when JzG brought the request here - if not it would have been "add to XLinkBot for enwiki, and we'll attempt to monitor on other wikis with COIBot.  — Mike.lifeguard | @en.wb 16:50, 13 November 2009 (UTC)

(unindent) A question about User:COIBot/LinkReports/co.cc. How is the false positive ratio determined? It looks like the bot finds all instances of the domain (or part of a domain string) being added to a page, but are there are numbers regarding how many of these additions were legitimate? (There are legitimate uses of this ccTLD, right?) --MZMcBride 09:57, 15 November 2009 (UTC)

I'm not sure what you mean by "false positive" in this context -- the bot cannot decide whether a link addition is appropriate or not since it's a bot.  — Mike.lifeguard | @en.wb 05:21, 2 December 2009 (UTC)

[edit] casino.ru

casino.ru
(Search: Google | en (G) | fr (G) | de (G) | meta (G) | backlinks | → links ←)casino.ru

(LinkSearch: meta | en | de | fr | simple | largest 20/57 Wikipedias)

(DomainTools: whois | AboutUs | Malware? | Alexa | OnSameHost | WhosOnMyServer)

(Reports: LinkReport ? | XWiki ? | Local ? | en | spam archives | find entry)

Spammed by numerous IPs on Russian and Ukrainian Wikipedias. --Mercy 15:33, 23 December 2009 (UTC)

Added Added — Dferg (disputatio) 21:13, 23 December 2009 (UTC)
Possibly related domains, not yet added:

pokerodds.ru
(Search: Google | en (G) | fr (G) | de (G) | meta (G) | backlinks | → links ←)pokerodds.ru

(LinkSearch: meta | en | de | fr | simple | largest 20/57 Wikipedias)

(DomainTools: whois | AboutUs | Malware? | Alexa | OnSameHost | WhosOnMyServer)

(Reports: LinkReport ? | XWiki ? | Local | en | spam archives | find entry)

slotstyle.ru
(Search: Google | en (G) | fr (G) | de (G) | meta (G) | backlinks | → links ←)slotstyle.ru

(LinkSearch: meta | en | de | fr | simple | largest 20/57 Wikipedias)

(DomainTools: whois | AboutUs | Malware? | Alexa | OnSameHost | WhosOnMyServer)

(Reports: LinkReport | XWiki | Local | en | spam archives | find entry)

casinotown.ru
(Search: Google | en (G) | fr (G) | de (G) | meta (G) | backlinks | → links ←)casinotown.ru

(LinkSearch: meta | en | de | fr | simple | largest 20/57 Wikipedias)

(DomainTools: whois | AboutUs | Malware? | Alexa | OnSameHost | WhosOnMyServer)

(Reports: LinkReport | XWiki | Local | en | spam archives | find entry)

pokermagic.ru
(Search: Google | en (G) | fr (G) | de (G) | meta (G) | backlinks | → links ←)pokermagic.ru

(LinkSearch: meta | en | de | fr | simple | largest 20/57 Wikipedias)

(DomainTools: whois | AboutUs | Malware? | Alexa | OnSameHost | WhosOnMyServer)

(Reports: LinkReport | XWiki | Local | en | spam archives | find entry)

casino-all.info
(Search: Google | en (G) | fr (G) | de (G) | meta (G) | backlinks | → links ←)casino-all.info

(LinkSearch: meta | en | de | fr | simple | largest 20/57 Wikipedias)

(DomainTools: whois | AboutUs | Malware? | Alexa | OnSameHost | WhosOnMyServer)

(Reports: LinkReport | XWiki | Local | en | spam archives | find entry)

casinoroulette.ru
(Search: Google | en (G) | fr (G) | de (G) | meta (G) | backlinks | → links ←)casinoroulette.ru

(LinkSearch: meta | en | de | fr | simple | largest 20/57 Wikipedias)

(DomainTools: whois | AboutUs | Malware? | Alexa | OnSameHost | WhosOnMyServer)

(Reports: LinkReport | XWiki | Local | en | spam archives | find entry)

roulette4you.by.ru
(Search: Google | en (G) | fr (G) | de (G) | meta (G) | backlinks | → links ←)roulette4you.by.ru

(LinkSearch: meta | en | de | fr | simple | largest 20/57 Wikipedias)

(DomainTools: whois | AboutUs | Malware? | Alexa | OnSameHost | WhosOnMyServer)

(Reports: LinkReport | XWiki | Local | en | spam archives | find entry)

User:Casinos
(Reports: COIBot | archivesearch | noticeboards)

(commons: userpage | talk (←links) || Contribs: (+/-) | logs ← Casinos ← logs || search)(Tools: Luxo's | crossblock | VVV's | CA) (Search: Google | → links ←User talk )
(enwiki: userpage | talk (←links)|| Contribs: (+/-) | logs ← Casinos ← logs || search)
See contributions. — Dferg (disputatio) 21:37, 23 December 2009 (UTC)
Added Added  — Mike.lifeguard | @en.wb 21:42, 26 December 2009 (UTC)

[edit] peoplesprimary.com

peoplesprimary.com
(Search: Google | en (G) | fr (G) | de (G) | meta (G) | backlinks | → links ←)peoplesprimary.com

(LinkSearch: meta | en | de | fr | simple | largest 20/57 Wikipedias)

(DomainTools: whois | AboutUs | Malware? | Alexa | OnSameHost | WhosOnMyServer)

(Reports: LinkReport ? | XWiki ? | Local | en | spam archives | find entry)

Reported as GNAA / LastMeasure browser crash exploit at enWP. Used for main page vandalism. JzG 10:54, 27 December 2009 (UTC)

Added Added, thank you. Please revert if disagree. — Dferg (disputatio) 22:15, 27 December 2009 (UTC)
Thanks guys! Multixfer 02:47, 28 December 2009 (UTC)

[edit] Proposed additions (Bot reported)

Symbol comment vote.svg This section is for domains which have been added to multiple wikis as observed by a bot.

These are automated reports, please check the records and the link thoroughly, it may report good links! For some more info, see Spam blacklist/Help#COIBot_reports. Reports will automatically be archived by the bot when they get stale (less than 5 links reported, which have not been edited in the last 7 days, and where the last editor is COIBot).

Sysops
  • If the report contains links to less than 5 wikis, then only add it when it is really spam
  • Otherwise just revert the link-additions, and close the report; closed reports will be reopened when spamming continues
  • To close a report, change the LinkStatus template to closed ({{LinkStatus|closed}})
  • Please place any notes in the discussion section below the HTML comment

[edit] COIBot

The LinkWatchers report domains meeting the following criteria:

  • When a user mainly adds this link, and the link has not been used too much, and this user adds the link to more than 2 wikis
  • When a user mainly adds links on one server, and links on the server have not been used too much, and this user adds the links to more than 2 wikis
  • If ALL links are added by IPs, and the link is added to more than 1 wiki
  • If a small range of IPs have a preference for this link (but it may also have been added by other users), and the link is added to more than 1 wiki.



[edit] Proposed removals

Symbol comment vote.svg This section is for proposing that a website be unlisted; please add new entries at the bottom of the section.

Remember to provide the specific domain blacklisted, links to the articles they are used in or useful to, and arguments in favour of unlisting. Completed requests will be marked as {{removed}} or {{declined}} and archived.

See also /recurring requests for repeatedly proposed (and refused) removals.

The addition or removal of a domain from the blacklist is not a vote; please do not bold the first words in statements.

[edit] examiner.com

examiner.com
(Search: Google | en (G) | fr (G) | de (G) | meta (G) | backlinks | → links ←)examiner.com

(LinkSearch: meta | en | de | fr | simple | largest 20/57 Wikipedias)

(DomainTools: whois | AboutUs | Malware? | Alexa | OnSameHost | WhosOnMyServer)

(Reports: LinkReport ? | XWiki | Local | en | spam archives | find entry)

Not sure why Examiner.com is blacklisted. Tried to add "http://www.examiner.com/x-14143-Orange-County-Conservative-Examiner~y2009m11d21-Glenn-Beck-at-the-Villages-Saturday-to-kick-of-2010-plan-to-preserve-the-Constitution-video" as a reference on The Villages wiki page, but came back as not saved because it was blacklisted as shown below.

"The following link has triggered a protection filter: http://www.examiner.com Either that exact link, or a portion of it (typically the root domain name) is currently blocked."

It is a news site, even has it's own section here in Wikipedia. Maybe I'm missing something?!What's the scoop? Thanks --WebDeb 06:12, 21 December 2009 (UTC)

This URL is not globally blacklisted, so we can not remove it. It is blacklisted on the English Wikipedia though, so I assume that's the project you were trying to edit. If so, you can request removal at w:en:MediaWiki_talk:Spam-blacklist#Proposed_removals. --Erwin 09:27, 21 December 2009 (UTC)

[edit] estaticos.20minutos.es

estaticos.20minutos.es
(Search: Google | en (G) | fr (G) | de (G) | meta (G) | backlinks | → links ←)estaticos.20minutos.es

(LinkSearch: meta | en | de | fr | simple | largest 20/57 Wikipedias)

(DomainTools: whois | AboutUs | Malware? | Alexa | OnSameHost | WhosOnMyServer)

(Reports: LinkReport ? | XWiki ? | Local | en | spam archives | find entry)

Please I do not know why the domain estaticos.20minutos.es is in the spam list. This domain belong to 20 minutos a newspaper from Spain which is published under free license, and links are specially used in catalan Wikinews. I do not understand which kind of abuse has been reported, but I think that it should be used in order to cite some sources of information as external links in catalan or spanish wikipedia. Can anyone explain it or solve this problem in order to increase verifiability of Wikipedia? Thank you. --Bestiasonica 10:50, 22 December 2009 (UTC)

This was blacklisted per User:COIBot/XWiki/estaticos.20minutos.es. You can whitelist pages as needed for sourcing - though it seems most of the spamming was on eswiki. The site currently returns a 403, so I cannot evaluate this any further.  — Mike.lifeguard | @en.wb 21:34, 26 December 2009 (UTC)

[edit] aerobaticteams.net

aerobaticteams.net
(Search: Google | en (G) | fr (G) | de (G) | meta (G) | backlinks | → links ←)aerobaticteams.net

(LinkSearch: meta | en | de | fr | simple | largest 20/57 Wikipedias)

(DomainTools: whois | AboutUs | Malware? | Alexa | OnSameHost | WhosOnMyServer)

(Reports: LinkReport ? | XWiki ? | Local | en | spam archives | find entry)

Please check this site and ensure that it is not spam site. Many of the articles of Military Aerobatic Teams section at wikipedia uses the aerobaticteams.net like source. I don't understand why this site is blacklisted. The preceding unsigned comment was added by 94.155.239.130 (talk • contribs) diff — Dferg (disputatio) 12:07, 25 December 2009 (UTC).

That domain was added on this blacklist per this discussion back in October, 2008. The domain seems quite problematic too on enwiki because they have locally blacklisted too the same domain (see [1], [2], [3]). It is blacklisted too at ar.wikipedia. I'd suggest not to remove the domain right now here but to request local whitelisting on the relevant wikis you want to add external links to that domain, as I did on es.wikipedia. Comments welcome. Best regards, — Dferg (disputatio) 12:20, 25 December 2009 (UTC)

[edit] openmap.ro

openmap.ro
(Search: Google | en (G) | fr (G) | de (G) | meta (G) | backlinks | → links ←)openmap.ro

(LinkSearch: meta | en | de | fr | simple | largest 20/57 Wikipedias)

(DomainTools: whois | AboutUs | Malware? | Alexa | OnSameHost | WhosOnMyServer)

(Reports: LinkReport ? | XWiki ? | Local | en | spam archives | find entry)

This site uses the openstreetmap.org data, which is free (in the Wikipedia way), and adds some interesting data for Romania, like the Public transport map. Also, it allows for easier adding of markers. The difference can be seen in articles about the public transport, like this one. The site was added based on a bot report, because most liks to the site were added by the (presumed) site owner, which is an active participant in the openstreetmap.org project. I sent him an email asking him to refrain from further bulk-adding links to the site and I am confident that he will understand the constraints of this project. Thank you, Strainu 14:52, 25 December 2009 (UTC)

Thank you for contacting Cipt2001 for us. Removed Removed - the domain has clear utility for our projects.  — Mike.lifeguard | @en.wb 21:38, 26 December 2009 (UTC)
Thank you Mike.--Strainu 19:32, 27 December 2009 (UTC)

[edit] globalflight.net

globalflight.net
(Search: Google | en (G) | fr (G) | de (G) | meta (G) | backlinks | → links ←)globalflight.net

(LinkSearch: meta | en | de | fr | simple | largest 20/57 Wikipedias)

(DomainTools: whois | AboutUs | Malware? | Alexa | OnSameHost | WhosOnMyServer)

(Reports: LinkReport ? | XWiki ? | Local | en | spam archives | find entry)

This is one of the most comprehensive sites for Frequent Flyer Programs and contains, among others, the only complete worldwide listing and deep links to all FFPs, plus other unique features, such as the "Who with whom?" application. We suspect having been blacklisted by a competitor.

Sorry, we're all human here.
This was blacklisted per User:COIBot/XWiki/globalflight.net. If there's utility for our projects in linking to this domain, I suspect whitelisting for those cases will be sufficient.  — Mike.lifeguard | @en.wb 05:53, 28 December 2009 (UTC)

[edit] Troubleshooting and problems

Symbol comment vote.svg This section is for comments related to problems with the blacklist (such as incorrect syntax or entries not being blocked), or problems saving a page because of a blacklisted link. This is not the section to request that an entry be unlisted (see Proposed removals above).
None currently

[edit] Discussion

Symbol comment vote.svg This section is for discussion of Spam blacklist issues among other users.

[edit] wmf4.me / enwn.net

Ran into Mike_lifeguard during a #wikimedia-strategy, he asked me to pop an email off to info-en-l explaining what wmf4.me is and why it shouldn't be black listed. Who then told me to post it here. Hopefully the rat has found it's cheese...

So first, domain: http://wmf4.me/ ( http://enwn.net/ is an alias, the original name, in the process of changing all the titles).

Short and sweet version: It is a URL Shortening service (w:URL Shortening http://wmf4.me/42EEb ). Anyone can create a shortened link, but it is somewhat user un-friendly at the moment. There are only 3 methonds. #1 is by the automated RSS->Twitter proccess, #2 is the bookmark ( http://wmf4.me/bookmark.php ), #3 is a gadget we made for English Wikinews ( mentioned here: http://enwn.net/5e231 ). Method #4, the venerable "web form" is in development.

Most importantly, it is designed for Foundation sites only. It is setup with a white list of domains that are allowed to be shortened (IE: Wikipedia.org, Wikinews.org, Mediawiki.org, etc). Anything outside of the foundation URLs, the Shortener will throw an error on. --ShakataGaNai ^_^ 18:36, 20 November 2009 (UTC)

How will it be used? I don't understand the need for URL shortening. Why don't you just add the real URL, which will tell you something about the site you're linking to? In the case of WMF projects you can also just use an internal link. --Erwin 09:56, 22 November 2009 (UTC)
Initially this started for use on Twitter. I don't see any use for this in main space usage, as you said, use the real URL. This has its uses outside of the main space. For example we use them at n:WN:REPORTS because we write the report on wiki then email it out. --ShakataGaNai ^_^ 03:30, 23 November 2009 (UTC)
Shortened URLs are evil, but for use in confined spaces (like twitter) the evil can maybe be justified. However, the reason we blacklist URL shorteners is different: the possibility of abuse. However, this one allows links only to WMF-owned domains. Ordinarily, I would say that's acceptable, even if actually using the shortened URLs is a bad idea. Keep in mind that on-wiki is not a confined space, and shortened URLs should never be used on-wiki. However, it seems that ShakataGaNai can and did (deliberately [4]) add some which evade blacklist rules. That, I think, is unacceptable.  — Mike.lifeguard | @en.wb 16:23, 22 November 2009 (UTC)
I evaded the rules (Being the only person that can, magical DB power and all), for a valid cause. Linking to that site was blacklisted long while ago, ok, they spammed. I was linking to them NOT TO SPAM, but to help facilitate a proposal. We had no idea how long it would take this group to get around to removing fh.net from the blocklist. ::shrugs:: I don't know what you want me to say. --ShakataGaNai ^_^ 03:30, 23 November 2009 (UTC)
You could have locally whitelisted the URL. I don't think it's necessary to blacklist wmf4.me if and only if the links can only point to Foundation projects. Clearly that was not the case in the past. Will it be in the future? Meaning that any existing redirects to non-WMF sites will be blacklisted and such redirects can never be created in the future. --Erwin 09:08, 23 November 2009 (UTC)
It isn't that they can't be added, ShakataGaNai does and will have access to do it for the forseeable future. I assume he won't be circumventing more blacklist rules...  — Mike.lifeguard | @en.wb 05:19, 2 December 2009 (UTC)
Retrieved from "http://meta.wikimedia.org/wiki/Talk:Spam_blacklist"