Skip to content

SER Skipping Proxies When Posting?

FatSteveFatSteve
in Bugs
Hello,
my ISP is rather sensitive to "regbot" and spam in general and I'm getting complaints about spam with in detail reports that clearly shows my servers IP.
I use dedicated and anonymous proxies for everything, even email checking.

Could it be possible that GSA skips proxies for some actions?
Here is part of the abuse complaint I have received from my ISP, I masked my servers IP with XXX.XXX

Webserver log entry: 
XXX.XXX.XXX.XXX - - [26/May/2013:09:14:38 +1200] "POST /gallery/db_input.php HTTP/1.1" 403 5 "http://www.collingwood.me.uk/gallery/displayimage.php?album=15&pos=2" "Opera/9.80 (Windows NT 6.2; Win64; x64) Presto/2.12.388 Version/12.15" 
Originating IP address:  XXX.XXX.XXX.XXX - !!! not a proxy but my server's IP :-(
Destination IP address and port: 67.227.153.106:80 
Date & Time: May 26, 2013 at 09:14 PM GMT 

Same thing happened with few forum registration and wiki posts. 

Please look into that as this is rather important.

Thank you in advance,

Andy
«1

Comments

  • SvenSven www.GSA-Online.de
    Just checked the code...every POST is a submission and for that it uses the submission proxy settings. The only reason it would skip that is all proxies are disabled.
  • FatSteveFatSteve
    Not possible, they have been enabled in settings since day 1 and I'm using quality dedicated proxies. I'm not a crazy person. Just letting you know what happened.


  • SvenSven www.GSA-Online.de
    Sorry but I can't see any issue on that. I checked it myself several times. Could you share your settings (including proxies) for testing?
  • FatSteveFatSteve
    Settings are as follow:
    image

    As for proxies - they are bound to IP, I need to know before allowing to use them.

    Every check I ran on proxies told me that they are not proxies and that there is nothing going through.

    Proxies are provided by http://www.ipfreelyproxies.net/
  • FatSteveFatSteve
    I believe beside that particular guestbook, there is a leak in email verification - it is done bypassing proxies.

    I have checked my proxies against stopforumspam blacklist and only entries are about 2 months old and on using emails on my projects. Since then nothing - meaning that at some point GSA stopped using proxies when verifying emails or clicking links in them.

    Checking my server IP shows basically multiple daily entries with email addresses.

    Since GSA supposedly checks email via proxies and supposedly clicks on those verification links via proxies, in those blacklist entries should be my proxy IP's and not the servers.

    Sven, I believe there might be a bug in that particular guestbook engine because my server's IP was clearly visible and also something in the email+proxy combination. 

    Could it be that clicking verification link is done bypassing proxies? Because it certainly looks so at least according to stopforumspam - this option stopped working about 2 months ago - that's when I last saw my proxy IP's in blacklists.

  • SvenSven www.GSA-Online.de
    Just checked it. When clicking/parsing email links, it is also using the proxy options from "proxy for verify".
  • FatSteveFatSteve
    Ok, how then this happens that server IP gets blacklisted and proxies are clear?
    I have checked all my settings - everything including email verification should be going through proxies yet there is not a single fresh abuse report on those proxy IP's while there are basically 30-40 daily reports on server IP and email addresses used. 

    Hotmail would report proxy IP, this means that somewhere GSA skips proxies and uses server IP. Unless you have better explanation.

    Regards,

    Andy
  • FatSteveFatSteve
    Could it be that when SSL is in use like with hotmail email accounts, proxies get skipped?
  • SvenSven www.GSA-Online.de
    Hmm so you think using a proxy for pop3 access might be the issue?
  • SvenSven www.GSA-Online.de
    What type of proxies do you have? Because only TRANS and SOCK4/5 proxies can be used for pop3.
  • FatSteveFatSteve
    I have both types - some of them are detected as trans, some of them as web.

    Ideas? if you drop me your IP address, can give you access to them so you can play with them for a while.

    Andy
  • SvenSven www.GSA-Online.de
    @FatSteve, yes lets do that on monday. Im not in office right now to check things properly.
  • FatSteveFatSteve
    Ok, we do need to clear this thing outl. if you say everything in code is peachy, means proxies could be leaking.... otherwise it is GSA.

    Lets do this on monday, can add proxy list so you can play with it.

    regards and have a great weekend!

    Andy
  • spunko2010spunko2010 Isle of Man
    DId this get resolved?
  • FergsterFergster
    Yeah wondering the same As I have the same issues and use the same proxy provider
  • StartripStartrip
    edited June 2013
    if i have a mix of trans and web, does GSA detect which of them to use for email checking? Im having proxies unchecked for email verification (i remember sven recommended that somewhere), but for pivacy reasons i'd love to use proxies.

    Best regards
  • FatSteveFatSteve
    As far as I can tell, SER skips proxies when using SSL either because proxies are not supporting this or because GSA SER does not. As soon as I use plain pop3 emails, everything works fine, just as I skip to SSL hotmail accounts, real IP is used instead of proxies when verifying clicks are made.
  • sawa73sawa73
    SSL works fine with my proxies (buyproxies), you need to change port to 995.
  • fcollingwoodfcollingwood
    edited June 2013
    Steve, here's some good advice.......

    If you don't SPAM you won't get reported and blacklisted. Just a thought.

    And by the way, the IP address where you hosted you crap spam bot was 88.208.32.20. If your hosting provider is any good, that's not your IP address anymore, because they've dumped you.
  • FatSteveFatSteve
    well that crap spam bot you are referring to is actually GSA SER...
  • fcollingwoodfcollingwood
    And you're spamming with it - so it's a crap spam bot.
  • the_dude_abidesthe_dude_abides
    I am having this same issue and I don't see an answer in here, was this ever resolved?
  • SvenSven www.GSA-Online.de
    yes it is, you just have to configure it properly.
  • the_dude_abidesthe_dude_abides
    Why would these settings be leaking my ip? Do I need to add another layer of proxy testing before using them in GSA?

    image


  • SvenSven www.GSA-Online.de
    if you use public proxies, you have a big chance that your IP is leaked due to some proxies not being anonymous.
  • the_dude_abidesthe_dude_abides
    I only use private proxies, the public option doesn't really need to be ticked for me but I do anyway.

    What I am getting from your comment is that the GSA proxy test isn't sufficient to ensure the proxies I am using are indeed anonymous when used. Certainly not the greatest proxies in the world, I'll just have to test them more rigorously outside GSA before using them.

    Thank you for the response, much appreciated.
  • BruutBruut
    I use 10 semi private proxies and when i try to google search(with my real ip) i get asked for captcha.
    I don't think these proxies leak they are from buyproxies.org
  • audioguyaudioguy
    Anyone experiencing the same thing? I also use my VPS for SER only. When I fire up the browser and use Google, it shows captcha at first. Then everything runs as usual, until a few hours or a day later, it will ask for another captcha. How could Google suspect my real IP if I use semi private IPs all the time (no public proxies).
  • cherubcherub SERnuke.com
    VPSs are not necessarily on a dedicated IP. You could easily be sharing your 'real ip' with others who aren't using proxies/using crap proxies
  • AlexRAlexR Cape Town
    @cherub - spot on!
Sign In or Register to comment.