I once uploaded Kareha onto a server I was running from home, purely just to test the software and study the code. I didn't advertise the board to anybody, and only made three test threads. Amazingly, after having forgotten about the board, and coming back a year later, I found it full of spam and links.

Everybody knows about textboard spam, wakaba's /soc/ board was removed after being spammed to oblivion, the site that wrote the original gazouBBS (futaba's sourcecode) script's demonstration boards were also full of spam comments written in English, so on, we've all seen it.

Where is it actually coming from though? Has anybody ever gone down the rabbithole of internet spam and bots? How do they find no-name sites that nobody visits? What is their end goal? Who actually runs these bots? Is anybody even running these bots or have they been on autopilot for decades? Is there a network of spammers? What is your experience with spam?

Within the past three years or so, "scambaiting" has become a popular genre of youtube and twitch content, with people investigating tech support scammers and robotcallers and whatnot, but I feel like nobody really cares about the rabbithole of people spamming on websites, when it is just as vast and fascinating.

>>14
nvm, adblock hid the links on desktop. so probably not.

>>6
This is why running a textboard is far better compared to an imageboard, no images = no illegal content. Obviously you still get pieces of shit who advertise links, but I can imagine is less of a headache for sysadmins to deal with.

This all sounds a lot like that Dead Internet Theory thing.

hell, I administrate multiple websites and that "real rap ed woman" spam (which has been going on for a long while now) is getting out of hand in the last few days. I don't even know what is it's goal, but all files it links to are being hosted on different premium file hosts (meaning you need to pay the file host some money to download). Truly getting sick of it.
One more thing, it's man-made. I confirmed this multiple times by watching its patterns (e.g. posting in an existing thread to see which part of his message is being blocked by the regex filter i implemented, making a word play on the blocked part etc)

rap ed (rap education)

This is a very interesting topic.

>>1,9,18
For some reason this thread's been on my mind for a while now. If you're willing, I'd like to ask a few questions on this topic and maybe turn it into an article if I have the energy for it and the passion on the topic doesn't fizzle away. I won't be making any money on it and I'd keep it as anonymous as you'd want it.

from bots

>>18
Do you think that "real r**ed women" spam and the illegal content spam are the doing of the same people? For being man made, it's astonishing how aggressive and persistent it is. There has to be an endgame, but what it is is beyond me.

This thread reminds me of people who begin with an interest in a group of conspiracy theorist believers (e.g. Flat Earthers) and in their journey to understand the thought process of their subjects, they gradually develop a bizarre fascination and end up becoming the very thing they initially ridiculed.

If anyone here ends up evolving into a BBS spam bot manager and/or BBS spam bot, please detail your experiences in this thread.

>>16
You can do what multichan does and use image links to source embedded images. Best of both worlds. You get images but can outsource the liability.

>>25
If you do that don't forget to limit it to specific hosts only so people don't embed their own trackers to datamine users.

people keep posting cpz on my favorite altchan
is it feds or cloudflare

i think its just pedos

The quality varies a lot, this new guy seems to have figured out how to use the name/link fields AND html formatting to spam his shoe (?) websites.

>>28
I think you meant hoe websites.

30get

>>28
That spam bot has been around for a long while now. I'm guessing it was originally made to seek out blog comment sections, I've seen similar spam on those and those also have name/email fields and either HTML or BBCode formatting. Actually, just supporting BBCode is enough to summon a swarm of spambots.

>>1
Very interesting, certainly. In my opinion it must be spam bot farms, some of which left running for decades (have you noticed Usenet spam has not evolved from the typical garbage links?), or even paid Indian spammers
>>27
Feds seek imageboards out to post CP in them to get them shut down. If the janitors/moderators are proactive removing the spam, the feds observe when the janitors/moderators are asleep to perform the spam again, or even, in the worst rumoured cases, actually become janitors and begin antagonizing the userbase to get them to abandon ship.

>>32
I have heard fed this glowie that, but do you have any proof or evidence for this?

Merorin has been getting hit by CP spammers that are not bots, but manually posted

I dunno why

>How do they find no-name sites that nobody visits

https website certs are publicly available in a certificate transparency log and this is one way bots find domains to check

>>10

Those randomly generated sites are exploiting Google Search's AI-powered search engine and they do get ad revenue from it. What the owners of these sites do is build a scraper with Python, implement it into their (monetized) Wordpress website where they churn out endless low-quality articles, and somehow, Google picks it up and it lands on the first page of the search results.
They're always in the middle or the last part of the search results yet that seems to be enough to make money off it.
I've started noticing that because whenever I look up something programming-related, I come across a low quality site that very obviously stole a q&a from StackOverflow.

spam bots are from nashville

Cloudfare spread the cheese pizza to blackmail little sites into paying them protection money. They have a big server full of CP that only top execs have full access to. They have a secret basement in their HQ where they have teams of people employed to spam sites with kiddie porn and take them down.

An interesting pattern I've noticed, dark-net sites have much less cp advertising, even those that allow explicitly pro-pedo posts (though not actual porn). Gets my noggin joggin'.

>>27
CP bombing is a very common way of getting forums taken down. I know some gay-ops groups hoard CP just for that purpose.

>>39
Well, it's probably much harder to automate spamming of a dark-net site

>>41
It should actually be easier, since you don't need to worry about IP blocking and most sites won't have advanced anti-ddos/bot services like what cloudflare gives.

Ota died because of illegal spam

It seems that there is someone or something routinely posting CP on schedule across multiple small imageboards, usually on the same days and on the same boards on a schedule. They use similar or identical images and they’ve been getting more and more graphic and extreme. No idea where they come from but a janny on another board say they think it’s a botnet although why it exists and what it’s far remains a mystery. Naturally, everyone blames the feds or claim it’s a law enforcement entrapment scheme but it’s probably to spread Chinese malware or something?

>>44
It's been going on for nearly a de ade now, if not longer. I know exactly what spam you're talking about.

I saw another chan admin theorize that it's actually third worlders being paid to post it manually. Grim.

With that said, if it's still happening, that must mean they've caught a few fish.

>>45
Not all of it, but some of it is definitely third world manual spam. I've witnessed arabic IPs posting under residential IPs and going past custom captcha.

>>45
>>46
3rd world manual spammer seems like the worst fucking job ever.

> "Go back to the content mines, Suparman, we need more adSense revenue and SEO money!"

Here's an interesting post. Apparently, it isn't bot spam at all but coming from commercial CP peddlers. They seem to hit the most active boards on any given site.
https://trashchan.xyz/meta/thread/374.html

>>53
This kinda confirms what I already knew, that it was manual spam.

https://desuarchive.org/g/thread/98445659/#98450771
Here's a link.

>>9

Necro, so it wouldnt have been known as well back in 2021 when you posted, but androxgh0st is a (now) well known malicious web scanner that tries to scan sites for exposed credentials and then tries to use those credentials to compromise your assets so that they can be used as part of a spam botnet.

Feds have good details on it now https://www.cisa.gov/news-events/cybersecurity-advisories/aa24-016a

androxgh0st will probe a page with POST requests sending strings similar to what you mentioned in the message body, so if your form method is POST on the emailer page, it may be taking that message body and doing the needful with it and sending it to you as an email according to whatever logic you have setup to handle the form.

>>55
That's something that has been bothering me for so long, you could look up the most random of queries like "steven universe background art" and get those sites

>>53
that is old as fuck lol the owner of jschan (tom) had discovered that the cp poster was a real person

null has mentioned once or twice that he thinks it's feasible the background radiation of spam to be prevented, but that Cloudflare, Google, etc. choose not to because they passively profit from it. I don't know how that's possible, but perhaps the specifics don't even matter, as long as the incentive structure is there. The actual spam is just entropy in principle.

And it doesn't help that very few people actually use the clearnet and are instead populating the massive darknets that have cannibalized the Internet such as the site formerly known as Twitter, Facebook, Discord. And I do mean darknet, because you can't access any of that stuff publically, can't even scrape most things anymore; you need to make an account and an api key -- and even then, it's not easy to get a clear picture of what's going on.

spam, i.e. unsolicited content, comes from people unsolicited by real economy, i.e. spam. you are spam, and your parents who made you for personal entertainment are spammers.

>>61
Given that pretty much everything Google does exists to be a vector for their adcrap, I wouldn't be surprised at all if they have some deals made to consider some spammers "legitimate" on things like search and GMail as long as they get a cut of the profits. I definitely get far less spam on the other mailboxes I switched to when I ditched GMail, but it's hard to tell how much that's GMail vs. how much I might've given the old address to some site that sold it around. (I also speculate that there might be spammers who just make up random GMail addresses on a bot to send spam to, but that's just speculation.)

As for your bit on the abandonment of WWW pages for things like Discord, on the one hand it does kind of suck, but on the other it's kind of understandable, running a WWW page is exhausting since you're basically putting it out there for any rando to interact with. And it's not just spam or what you'd probably think of as "bad attention", even having "fans" can lead to a lot of tiring "when update?" type messages, or trying to recruit you to their project that's vaguely related to your site topic (talking here about people who are "real" as opposed to driveby spam). So I can see the appeal of wanting to just make a friend group and share stuff to them instead of the world at large.

As for the topic of spamposts on boards like this one in particular, I do wonder if part of the scam is in the redirect links themselves; I know some redirector sites also run a "show ads on the redirection page, give you a cut" racket.

Kind of spooky when you think about it