Telegram autoposting python script is leading to systematic bans - telegram

I want to make a simple auto posting script to post picture + text to multiple groups where it is welcome to not get any reports.
I already made a script without any proxies on a Telethon python module. It connects the virtual numbers with an app_id and hash_id so that it can send automatically messages to sertain groups and it all works fine untill it reaches 5 messages limit, then it results in spam block of telegram account.
On some of the account this number varies from 5 to 30+ message limit.
● Question: Is there any logical explanation based on what is telegram deciding to spam block the accounts usually right after 5th message? Is it a problem of messages text being the same? Or it only cares about delays? If anybody had experienced same problem, please share a solution of how to not get spam blocked and what are the requirements to not act as a spam?
I have tried changing text and sending the posts manually, but it always gives a negative result in the end.
Sending messages to Telegram groups (chats) shouldn't be a problem, since on my main Telegram account I usually chat and send lots of messages daily, but manually. Hope someone will help me take the stone off shoulders.

Related

Is it possible to send messages via Telegram Bot to a specific phone number (not chat_id/username)?

I understand that this question has been asked before, but those topics are dated 4 years ago, so I wonder if anything changed.
TL;DR:
I understand the concern that sending messages via phone number would make users vulnerable for spam. But there is something I discovered that makes me reconsider this. If I /start a chat with Telegram Bot, chat_id is generated. Interesting thing is, this chat_id is the same for my conversations in other chats. I might be wrong here, but it seems that spam issue should be handled in a different way. Thus, I wonder if there is a possibility to send messages straight to user's phone number.
Thank you for your time.
No, you can't. Each user's ID is unique and not changing during conversation/chats. But you can't send the message to user if he did not accepted it by starting your bot as i know. Also, phone number can be shared only from user side. You can't find users by phone number, at least, official api doesn't provide such methods.

In webhook what is has_custom_certificate: false?

I have a teegram bot that has an issue because send many times same message.
Maybe because bot don't say to telegram the first operation is correct.
Is really slowly and so telegram send again message.
I'm tring to understand the reason but nothing....
Now i noticed that for getWebhookInfo i have:
has_custom_certificate: false
maybe this is the problem ?
You must upgrade the SSL certificate
To a self-signed one that uses the same requirements as Telegram
In order to avoid any problems in data transmission
And I remembered that this problem had occurred to me even though everything was correct
Then I knew that the problem was from Telegram, where he restricted the bot from responding to any transmission codes, so I deleted the bot and created a new one and it was running on the same domain that I was using without doing anything.

How to manage too many messages sended to my bot?

I have implemented a php telegram-bot (https://github.com/php-telegram-bot/example-bot). I'm using the getUpdates method to recieve the messages sended to my bot.
The problem is that there are too many spam users sending him fake messages and for that reason I have a long tail of new messages and it produce a big delay for process the important messages.
I have seen that is not possible to block this spam users and it is not possible to recieve more than 100 new message in each call through telegram API. If i'm recieving thousands of messages per second, how can I manage them all with the least possible delay?
Finally I could resolve the issue. The spam come from different groups wich my bot was added. I configure it to not permit to be added to groups and then I use the interface "leaveChat" of the bot api to leave the chats. I have recorded all the chats where my bot recieve message, the group chat ids were easy to identify because they have negative ids.
I also increase the frecuency to download updates up to 20 calls per minute.

How often can I ping Google Calendar without getting banned?

We are writing our custom scheduling app for our website.
Necessarily, it requests Google Calendar data to see when one of our 3 team members are available and then offers the visitor an array of available time slots.
Problem is, this takes too damn long to get the updated info.
I'm wondering if we could simply get all this data in the background and offer visitors to pick from data that is a few seconds old :)
So my question is, how often can we initiate this without getting banned by Google.
Here you go. The limit you're looking for depends on the type of google account you're using.
https://developers.google.com/apps-script/guides/services/quotas
Also you won't get banned, it just won't run. If you're on a consumer account you could ping it 1x every 18 seconds without it failing. That's as close as you can get to "Live Data".

Firebase 3 - We have blocked all requests from this device due to unusual activity

I was testing my login/sign up feature and for some reason I can't understand Firebase now is blocking all requests from my device.
I've waited one day to try again, but I still have the same problem.
ERROR:
"We have blocked all requests from this device due to unusual activity. Try again later."
What should I do to have access to my database again?
If you use Phone Authentication, Here is what to do:
Go to Firebase Console
Authentication ==> Sign-in-method
Go to "Phone" and pop-up will show
Add your phone number at "Phone Numbers for testing" along with a verification code from your choice.
And it works now :)
One of the possible solutions:
Go to your Firebase console -> Auth -> Users table
Locate the user you are testing.
Delete this user.
Retest.
I contacted firebase support and received this message:
The error "We have blocked all requests from this device due to
unusual activity. Try again later." is usually thrown when a user is
making SMS authentication requests to a certain number of times using
the same phone number or IP address. These repeated requests are
considered as a suspicious behavior which temporarily blocks the
device or IP address.
Additionally, there's a limit of 5 SMS per phone number per 4 hours.
With this, you may try doing the following to resolve the issue:
Reduce the frequency of attempts to avoid triggering the anti-abuse
system Try using whitelisted phone numbers for testing your app
Use multiple testing devices (as the limits are applied per IP or
device) Wait for an hour for the quota to lift
I tried to increase the quota as per #lhk answer but there answer is the
following:
You also mentioned that you have increased the quota to
1000 but it didn't work. Do note that this "Manage to sign up quota"
field is intended for Email/Password and Anonymous sign-ups.
I've run into the same problem.
By default (for the free plan), firebase caps sign-ins to 100 per hour, per IP-address.
This broke our automated testing. You can change the setting like this:
open console
open your project
go to "authentication"
go to "sign-in method"
scroll down to "manage sign-in quota"
That's it. Currently the maximum setting for this quota is 1000 per hour
.
This is one of many quirks that I am running into. While Firebase seems to be a nice framework/product/service, at the moment it doesn't seem to be totally ready for broad production deployment yet. In this case I only used one particular (fake) user for testing/debugging and only after just a few attempts (probably no more than 10 sign-ins), I ran into this issue. The funny thing is that my tests delete the fake test-user after each run so I couldn't see any user in my auth user table afterwards. The solution for me was to manually add that user via the "ADD USER" button and then delete it. I think they should have (at least as a workaround) a definable user that is for testing/debugging, who is not subject to this restriction, if they really feel they have to have such a (low) limit.
I have added my phone as a test number in the Sign-in method tab.
Actually this error occurs when your quota limit is exceeded.
Just add your number and testing OTP to get it worked.
Note: The testing number will not get any message of OTP as we already
defined static OTP code.
See my answer at https://stackoverflow.com/a/39291794/18132
I went into firebase > Authentication > sign-in method > google and added my client id to the whitelist.
I managed to get this working straight away by resetting the users password.
Steps are as follows:
Go into your admin console, Authentication, Users
Locate the user
Click on the menu dots in the far right hand column
Choose reset password, then click ok
Follow the steps in the email when it comes through
The error "We have blocked all requests from this device due to unusual activity. Try again later." is usually thrown when a user is making SMS authentication requests to a certain number of times using the same phone number or IP address. These repeated requests are considered as a suspicious behavior which temporarily blocks the device or IP address.
Additionally, there's a limit of 5 SMS per phone number per 4 hours. With this, you may try doing the following to resolve the issue:
Reduce the frequency of attempts to avoid triggering the anti-abuse system Try using whitelisted phone numbers for testing your app Use multiple testing devices (as the limits are applied per IP or device) Wait for an hour for the quota to lift
Add that number of yours to Firebase as a tester. This way you can test it as many times as you can.
Else multiple requests from one number to a project. Firebase deals it as a hacker and blocks it.
Add your number as Tester as:
Go to
-> Firebase Console -> Authentication -> Sign-in-method -> Edit Phone -> Phone numbers for testing (optional)
Add your phone number and verification code of your choice and that number will then work.
You will not get verification code from firebase, but you can give the verification code you set as a tester and can login through phone
One of the causes can be sending too may verification email to a user's email within a short duration of time. Try adding a duration timer and check if the verification message has been sent within the time duration.
If you are doing tests a better way to go about it is to add the phone number as a test number Authentication > Sign in method > Phone. Then add the test number + the verification code you'll use
I was facing the same issue and I solved this problem by Buying Blaze plan. This blocking seemed like a security measure on Firebase's side.
If you are using Firebase for development purpose, buying the Blaze plan won't cost you any thing as it has the same quota of free services offered in Spark plan.
Also, setting up Firebase Auth test phone numbers should help.
Per https://firebase.google.com/docs/auth/ios/phone-auth#test-with-fictional-phone-numbers:
Test with fictional phone numbers
You can set up fictional phone numbers for development via the Firebase console. Testing with fictional phone numbers provides these benefits:
Test phone number authentication without consuming your usage quota.
Test phone number authentication without sending an actual SMS message.
Run consecutive tests with the same phone number without getting throttled. This minimizes the risk of rejection during App store review process if the reviewer happens to use the same phone number for testing.
Test readily in development environments without any additional effort, such as the ability to develop in an iOS simulator or an Android emulator without Google Play Services.
Write integration tests without being blocked by security checks normally applied on real phone numbers in a production environment.
Fictional phone numbers must meet these requirements:
Make sure you use phone numbers that are indeed fictional, and do not already exist. Firebase Authentication does not allow you to set existing phone numbers used by real users as test numbers.
One option is to use 555 prefixed numbers as US test phone numbers, for example: +1 650-555-3434
Phone numbers have to be correctly formatted for length and other constraints. They will still go through the same validation as a real user's phone number.
You can add up to 10 phone numbers for development.
Use test phone numbers/codes that are hard to guess and change those frequently.
Create fictional phone numbers and verification codes
In the Firebase console, open the Authentication section.
In the Sign in method tab, enable the Phone provider if you haven't already.
Open the Phone numbers for testing accordion menu.
Provide the phone number you want to test, for example: +1 650-555-3434.
Provide the 6-digit verification code for that specific number, for example: 654321.
Add the number. If there's a need, you can delete the phone number and its code by hovering over the corresponding row and clicking the trash icon.

Resources