Pete Ashton pointed to an interview with a
varmint comment spammer oh what the hell, "varmint" covers it quite nicely. Like Pete himself says in his linkblog, a "nailgun in the bollocks is too good for them". But the disgusting parasite is kind enough to fill in some of the gaps in my knowledge of the history of blog spam.
Archive for the ‘Tech-geekery: spam’ Category
Pete Ashton pointed to an interview with a
During the blog's outage, I continued to follow the debate on whether "nofollow" was useful, harmful, neither or both. Right now, I don't feel like catching up with that. I'm sure anyone who's interested in fighting comment spam has seen most of the arguments. Except this one:
I noticed several hours ago that for some reason the trackback section of my index page was no longer marked up properly. ... The discovery was followed by a series of progressively more outlandish attempts to coax recalcitrant code into revealing itself, without success. What really hurt was how the comments, which were encased in the exact same html code structure, performed flawlessly. Then I remembered I had installed the new "nofollow" Movable Type plugin earlier in the day. I removed it, and my problems were gone
More about "nofollow" here.
I briefly considered being a hero and repairing the plugin, but then I saw the grep pattern that adds the "nofollow" rel attributes to comment and trackback links, and it is a monster, so I'll settle for flagging this bug. ...
One or two people in that harmful/useful debate have expressed amazement over the speed at which the concept was rushed into becoming a de facto standard by Google, Yahoo, MSN and major blog software developers. If the implementation was equally rushed, it's no surprise that the plugin is buggy.
I have installed mt-commentproxyblock even though the web page didn't say whether it worked with my creaky old version of Moveable Type. So this will be your test post to see if it's broken the blog and especially comment submission. This plugin's supposed to be really good, by the way.
Update: The plugin doesn't break commenting, but it doesn't appear to do anything useful either. I had another 50 comment spams to archived posts (I still haven't finished closing the archived comments, which is a hugely time-consuming process) this morning, so another hour of my time, on Sunday morning, was stolen from me by those scum.
I've had some suggestions to help solve the problem ranging from intelligent (non-image-based) Turing tests to upgrading to MT3.*. All of these take time to implement and test so it may be a while before I get around to working on them. In the meantime, I will continue to barricade the blog. Apologies if this causes any inconvenience.
Update #2: I have also just got my first, albeit minor, wave of trackback spam. I really want to kill someone painfully with my bare hands right now.
If you've been using M2, the email client coming with Opera, for a while, you may find that the "learning" spam filter's performance, after initially improving, starts trending downhill, leaving more spam messages unfiltered. I was puzzled by that, but I think I've found the cause: backdated spam.
Some good news from the war against spam:
Dutch telecommunications watch-dog Opta has fined its first batch of spammers since the introduction of the anti-spam ammendements to the telecom law late last year that granted this power to Opta. (Links lead to Dutch pages.)
Fourteen other small-scale spammers received warnings.
It's not as good as having them hunted with dogs, but until that (and kicking them in the bollocks) becomes legal (uhm, I have some very imaginative ideas about what kind of treatment should be legal to hand out to spammers), it will have to do.
126.96.36.199 is the 100th IP address to be added to my IP ban list! The lucky winner just spammed the blog with a link to an internet casino. Sam Spade has no info on the URL, and the lucky number points to a university, so I won't do a full exposure of the spam here.
If this blog can go for 14 days without spam passing through MT-Blacklist, I will liberate the comments. The clock has been reset...
I just received the following email:
Subject: ever wanted pain pills, overnite shi`ppi'ng to your door
broken, okay? the law. remember the law?
>From: Leatha Gardner [mailto:email@example.com]
>To: mickey klaers; jacob giernoth
>Sent: Sunday, March, 2004 6:50 AM
>with me,fri-ends! --- Gore AR
>wysokinski 10zlobek 91stawaly najslynniejszyprycza
...I have absolutely no idea what that was about.
The timetable keeps getting reset on the liberation of the comments. I will start allowing HTML, links and images as well as display of the URLs you guys all so faithfully type in when you comment, if I can go for two weeks without having spam pass MT-Blacklist. Unfortunately, spam passes MT-blacklist daily; in fact, the problem continues to get worse.
Just minutes ago, I caught a glimpse of how spammers may defeat MT-blacklist altogether: by brute force. I checked my mail and was flooded with transcripts of comment spams from blackjack-123.com who sent over 100 spams from a wide range of IP addresses in a space of a few minutes. Moveable Type's builtin flood control caught a few addresses and automatically banned them (yay!) but the flood was so overwhelming that it interfered with my ability to add the casino.blackjack-123 address to MT-Blacklist. The flood continued while MT-Blacklist was unable to process the information.
I am sure that this tactic will be used again, and more powerfully.
The news on extracting much-desired retribution from blackjack-123 is also bad.
This is the place to test if legitimate comments get through. Post away! Any old nonsense will do, even Republican talking points.
Update, Sep 14, 2004: this entry now seems very popular with real spammers, so I'm ending the test and closing the topic. First topic I've closed since installing MT-Blacklist. I was rather hoping I wouldn't have to do that again...