[Kosh67]

I've noticed for quite a while now, the Any, Archive and Video searches have become pretty much useless in ed2k due to all the spam which seems to be able to work its way around any search parameters, no matter how stringent. Even if you do something like an archive search for the complete works of Sir Arthur Conan Doyle, and you set the file size to be minimum 1234567b, maximum 1234567b, for some reason it still comes up with crap like "Babylon Pro 8.0.0.5 Crack.zip" or RecFree, RadarSync, or some other such nonsense, which always seems to be 2.58MB, 6.41MB or 15.07MB, always with thousands, or even tens of thousands of sources, killing the search instantly. The same kind of thing happens when you look for anything in Documents which could be interpreted as remotely sexual (eg. looking for books written by Dick Dorgan). Right clicking and selecting "Add to spam" helps a little (I'm SO glad that I found that in the forum search yesterday!), but not enough. I'm guessing it's because of a built in limit with how many sources Emule can detect, presumably to prevent server flooding, and I'm also guessing this is a false reading caused by the spam itself. This is, of course, made especially annoying when all of the Kad nodes get wiped out of nodes.dat and ed2k is the ONLY thing that can be connected to.

My suggestion is that every time a search comes up with something that goes from 0 to a ridiculous number of sources in less time than it takes for a transistor to switch, simply ignore that result. Also, if anything is detected which the user already has blocked as spam, then ignore that as well. Don't count it, don't even show it (or leave it greyed out at the end like it is now). Just treat it as a non result and let the search carry on its merry way from where it was before. The default number of sources should be set sufficiently high, eg. 1000 all at once, but this number should also be user selectable as the spammers would undoubtedly find a workaround for any limit that's set hard and fast.

[fox88]

Kosh67, on 29 May 2012 - 01:58 AM, said:

It seems you still have not found anything about fake

It seems you still have not found anything about fake servers.

[xilolee]

Anyway those results don't always appear in few milli/microseconds

[Kosh67]

fox88, on 28 May 2012 - 11:28 PM, said:

It seems you still have not found anything about fake servers.

Well, after reading this snotty reply, I went to www.server-met.de, advertising "NO Fake Servers!". I downloaded their "ALL Active and NO fake!" list, and turned off the auto updates on connections in eMule. The results? The first 14 servers I attempted to connect to were dead. I searched for the word "help" under the "Any" tab. It came back with 7 responses: 1 each of Babylon Pro 8.0.0.5 Crack, Babylon Pro 8.0.0.6 Crack and RecFree, and 2 each of RadarSync and Multimedia Toolbar, none of which were detected as spam before (different file sizes this time). Wow! That worked well... Do you still think there's no need for improved spam blocking? Or, assuming that this server is intentionally falsely advertising themselves, can you suggest a different site to get a TRUE safe list from, please? Thanks in advance.

[Some Support]

Those are malicious servers and there isn't much which can be done against, because by design servers are a point of trust (to some degree) in the network. If the server works against the client, this can't be fixed by some small code changes.
So your best bet is either only use Kad or get a clean serverlist.

[xilolee]

Some notes:
- edonkey2 works for some users, for others it doesn't work
- peerates/peerbooter index only free content (index too few files)
- kdonkey/edonkeyno servers (those that i didn't add to my static servers list) don't allow/permit obfuscated connections (=you can connect to them without obfuscation)
- last 4 servers don't allow obfuscated connections, and without obfuscation you couldn't connect the same to them


If you want see the differences between this list and the most used "safe" serverlists, check:

http://www.gruk.org/list.php
(for downloading this list you need this: http://gruk.org/server.met )
http://edk.peerates.net/servers.php?lang=0
(for downloading this list you need this: http://peerates.net/servers )
http://shortypower.org/
(for downloading this list you need this: http://shortypower.org/server.met )

This post has been edited by xilolee: 29 May 2012 - 09:54 AM

[tHeWiZaRdOfDoS]

Some Support, on 29 May 2012 - 09:19 AM, said:

Those are malicious servers and there isn't much which can be done against, because by design servers are a point of trust (to some degree) in the network. If the server works against the client, this can't be fixed by some small code changes.

Well you CAN of course check against the additional search parameters (and maybe also encourage users to use them by some nag dialog or similar) which would prevent a lot of spam results to show up right now - e.g. the kind of spam that was described in the first post.
Of course the spammers may adapt to those changes but it'll help for sure.
On the other hand, maybe it's time to promote using KAD only

[xilolee]

Unfortunately, kad is spammed too...

[fox88]

Kosh67, on 29 May 2012 - 11:09 AM, said:

Well, after reading this snotty reply

Sorry, that was kind of a hint: you are writing feature requests instead of asking questions first. Preferably in Support forum.

Kosh67, on 29 May 2012 - 11:09 AM, said:

I went to www.server-met.de, advertising "NO Fake Servers!".

Advertising here is the keyword. Use peerates, gruk or lists from IRC support channels.

This post has been edited by fox88: 29 May 2012 - 06:41 PM

[niRRity]

Some Support, on 29 May 2012 - 11:19 AM, said:

Those are malicious servers and there isn't much which can be done against, because by design servers are a point of trust (to some degree) in the network. If the server works against the client, this can't be fixed by some small code changes.
So your best bet is either only use Kad or get a clean serverlist.

I'm not a coder but it seems to me that the client can identify malicious servers pretty easily. There should be an algorithm implemented that identifies and blocks bad servers and clients.

In it's most basic form this algorithm should block servers that sent results the user marked as spam (you can implement a "3 strikes" system to avoid mistakes). I'm not sure it is possible to do in KAD since I don't know if the client knows where the results came from exactly (which specific user sent which specific result). The more sophisticated approach is implementing statistically based algorithms that can identify over time bad behaving servers and users and block them. This can be based for example on servers (or clients for KAD) that return results with too many sources (as compared to the rest of the servers in the list or the size of the network).

Just an idea...

This post has been edited by niRRity: 09 June 2012 - 07:28 AM

[DatHebIkWeer]

niRRity, on 09 June 2012 - 08:17 AM, said:

I'm not a coder but it seems to me that the client can identify malicious servers pretty easily. There should be an algorithm implemented that identifies and blocks bad servers and clients.

In it's most basic form this algorithm should block servers that sent results the user marked as spam (you can implement a "3 strikes" system to avoid mistakes). I'm not sure it is possible to do in KAD since I don't know if the client knows where the results came from exactly (which specific user sent which specific result). The more sophisticated approach is implementing statistically based algorithms that can identify over time bad behaving servers and users and block them. This can be based for example on servers (or clients for KAD) that return results with too many sources (as compared to the rest of the servers in the list or the size of the network).

Just an idea...

Or if you happen to find out which server is the source just block it manually. If I right click on a server in the list I do not get an option "block server" (in standard eMule 0.50a). I think it would be a great feature if I could do that.

Anyway I did not import any servers by hand. When I reinstalled eMule last week I removed all servers in the list and just started KAD. Within minutes I had a nice list of servers that seems pretty clean.
I do get a lot of spam of files that are exe or archives containing an exe. But I am afraid that is a virus that cannot be blocked by ed2k or KAD without losing a lot of the good features also.

It's always advisable to have a good up to date virus scanner installed when using eMule.