Skip past introduction.

WolfBlog

Reflections from a Swede in Norway.

Here you will find my small graffiti board where I write about things I come to think about.

In my blog, I write about the general unfairness of life, about spam mail, vintage computers, board games, Norwegians, current and not-so-current affairs, technology and whatever else occurs to me — in other words, a glorious mess. All opinion expressed here are of course my own, and all similarities with any living people is of course intentional.

These pages are using automatic language selection, if you prefer to read in Swedish, please use this page instead. You can also get this as a RSS channel (explicitly select English version). See the help for info on how to make your web browser select the correct language automatically. A monthly overview is also available.

All text and pictures © copyright Peter Krefting, unless otherwise noted. More about the author.

Comment spam

Published: Friday 2005-01-07.

I have just been waiting for this to happen and yesterday it did, a spammer tried to post a spam comment with various links to fake pills, poker and casino gambling to my blog. I guess that these are the same scum that forced me to close my guest book last year that now have found their way here, but fortunately they were captured by the filter I originally created for the guest book. Let’s see how long that lasts, other people have been forced to disable the commenting functionality because it has gone too far.

It is such a pity that there always is people that try to destroy what others build.

[Comment spam]

This entry is referenced in: An attempt to restrain comment spam.

Categories: spam.

Comments

The article is older than a fortnight and has been closed for new comments.

Disclaimer: The comments are copyrighted by their respective authors. The web site owner takes no responsibility for the contents of the comments. Improper comments will be deleted.

  • Date: 2005-01-07 04.18.00 CET
  • Name: rdean
  • Posted from: c-66-177-153-39.se.client2.attbi.com

Would it be possible to do one of those "type the word that appears in the image" type of controls as an additional measure to prevent automated posts?

  • Date: 2005-01-07 04.45.40 CET
  • Name: bignose
  • Posted from: nat20.cyber.com.au

You're referring to a Completely Automated Public Turing-test to tell Computers and Humans Apart -- a CAPCHA. Unfortunately, they're inherently broken.

They are unusable by those who don't receive the test the way you intended. Most commonly, they're implemented as an image of text; this is awful from an accessibility standpoint. Any other means of munging the text is subject to the same problem; some of your valid users can't see it.

Even if you dismiss the accessibility problem, they're still broken. Regardless of what technology they use, they have a fatal flaw: a spambot can simply ask someone else to solve it for them, then post the answer to your test. This is done by using your CAPCHA as an access mechanism to some free porn; there is *no* shortage of willing humans, 24 hours a day, to do this. Having done so, they've unwittingly told the spambot the answer to your CAPCHA.

More discussion on CAPCHAs and their downfalls is at the Wikipedia CAPCHA article: http://en.wikipedia.org/wiki/Captcha

  • Date: 2005-01-07 07.02.24 CET
  • Name: Peter Karlsson
  • Posted from: 062016211058.customer.alfanett.no

No, I have no plans to implement such a thing. I don't want regular people to suffer because of what these scum are doing.

Heh - I had the same one in my comment queue this morning.

I just had one of them though. Normally I get one comment per commentable post - either this guy is lazy, or he's trying to not stand out as much.

  • Datum: 2005-01-07 19.04.11 CET
  • Namn: Peter Karlsson
  • Sänt från: 062016211058.customer.alfanett.no

I've also only seen one so far. Strangely enough, it started when I added the word "trackback" to the page, my guess it's someone using search engines to find suitable pages. Because of this, I have removed the word "trackback" from the comment form.

On a similar note, the head light on my bike was stolen today. I noticed this as I was about to go home today. And it wasn't just mine, none of the bikes had any head lights. :-(

There are a couple of things you should note about the spam you were hit with:

1. If you review your server logs, you will notice that you will also have been (mass) referrer spammed by most of the same URLs. All of these referer log spams have been made with a tool named Reffy.

2. Every single comment or trackback spam attempt I have seen on my blogs, are made through open proxies. There is some discussion (and two plugins for other weblog systems) on this over at http://bradchoate.com/weblog/2004/11/05/mt-dsbl.

Combine these two, and you're very unlikely to be hit hard by spammers.

  • Datum: 2005-01-08 15.43.20 CET
  • Namn: Peter Karlsson
  • Sänt från: 062016211058.customer.alfanett.no

I noticed some interesting referrer, but not much. I don't publish the logs, nor do I examine them very closely, so referrer spam is not something I'm very worried about. They were coming through an open proxy (I thought I had mentioned that in the post, but apparently I forgot), and I did immediately ban that using access controls.

Problem with plug-ins here is of course the fact that I'm not using any of the common blogging tools. In fact, I've written everything myself, except for the comment function which is based on a freely available guestbook CGI program... But it looks interesting, I'll have a closer look at it and see if it can be adapted for my setup.

Thanks for the tip!

| | Latest postings | This month | All months and categories

Subscribe (RSS)

This page is best read on the Internet.

[Opera browser] [Bloggportalen]

peter@softwolves.pp.se