I just cleaned up a bamwar on talk.commonmark.org so I have info.
Here are the accounts that were used:
ariel122iori@gmail.com
dlcjsghk4@gmail.com
argie121ikuya@gmail.com
alchemy1236emori@gmail.com
mingoksong@gmail.com
antook1316ikuei@gmail.com
aagaard1165akashi@gmail.com
aakre1167akifumi@gmail.com
aaker1166aki@gmail.com
anacino1162aiji@gmail.com
anchor1289gengo@gmail.com
andrei1294genya@gmail.com
ando1292genki@gmail.com
andrews1295giichi@gmail.com
aadland1164aiya@gmail.com
andy1296ginga@gmail.com
angel1298gou@gmail.com
angela1299gouki@gmail.com
angeles1300goushi@gmail.com
annjo1312ikkei@gmail.com
anthony1313ikki@gmail.com
antilop1314ikkou@gmail.com
antonio1315iku@gmail.com
cameronbrown02@mail.com
gfdhgfhg433@gmail.com
jajahgdgad187@gmail.com
ertetwetg78@gmail.com
ttttttttttt1478@gmail.com
shooipoip478@gmail.com
fgdfhdh154@gmail.com
jamypineda1234@gmail.com
meguilapascubillo4787@gmail.com
pineschuway489@gmail.com
delmadela1234@gmail.com
bong289balo@gmail.com
durtkadurdksak@gmail.com
javina111malay@gmail.com
rkdskadksak@yahoo.com
eocldksak@gmail.com
forisj0828@nate.com
tmxktkdan5@gmail.com
didwodksak@gmail.com
estillertricia63@gmail.com
anne998ann@gmail.com
raudi885dew@gmail.com
jona109jo@gmail.com
alona268bane@gmail.com
tricia594trish@gmail.com
wanda213dang@gmail.com
jhoy789jo@gmail.com
vip043680@naver.com
p01072896066@gmail.com
kalamansi123juice@gmail.com
qfafafaa@yahoo.com
afafafqfwqfq@yahoo.com
hbt9126@gmail.com
balagtas158junya@gmail.com
balagyas159kadoma@gmail.com
cessyah@email.com
baldo162kai@gmail.com
balatbat161kageki@gmail.com
bernard456pot@gmail.com
ldh5429@gmail.com
cessyah1330@gmail.com
park791212@gmail.com
qkrehdrb2016@daum.net
p01066037635@gmail.com
yabam100@gmail.com
ganutan456anthony@gmail.com
69 unique email accounts so far. Seems to be using gmail (almost) exclusively, and possibly Google auth login as well.
Here are the IP ranges that got banned after deleting all those users as spammers:
Commonalities are:
210.89.162.*
211.233.*
104.131.*
And that’s… about it, really, pretty good variety of IPs here. I haven’t geolocated them yet but that might assist as well. As you can see they have a lot of users and they mostly come from different IPs and unique email addresses on a legit provider which makes this more challenging. (The ultimate challenge is when they all come from Tor, but this is not that.)
I went ahead and bumped up two Discourse site setting defaults to assist in blocking this kind of human spam in the future:
rate_limit_new_user_create_topic: 120 (was 60, this is in seconds)
max_topics_in_first_day: 3 (was 5)
These should only affect TL0 users, but we do prevent first day new topics in total for the first 24 hour life of the account.