More Comment Spam

Wednesday, November 10th, 2004 at 1000

Well, even though I installed the blacklister, which has been rather successful, there is still some arsehole using randomly generated spoofed email domains to spam my site.
I don’t give a damn about Texas Holdum and I have no idea which genius spammer thought this site would be a good vehicle to advertise it, but there you go. For the time being, comments have been switched to moderation only. Perhaps I need a wordlist or URL blacklister, as detecting on email address is obviously not robust.

Answers on a (moderated) postcard.

This entry was posted on Wednesday, November 10th, 2004 at 1000 and is filed under General.
You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.

5 Comment for “More Comment Spam”

  1. dies-el Said this on November 10th, 2004 at 1022

    As I said last time, blocking domain spam by domain is like trying to block email-spam by subject; It doesn’t work.

    I’ve got a script on desto.net that closes comments after 21 days, and that has removed comment spam (so far).

  2. Rob Said this on November 13th, 2004 at 1326

    I agree, i have been hit hard by this spammer also, one night i came back to my blog and found about 1000 comments waiting to be approved and about 300 on my site. I hate this guy!

  3. techfreakz Said this on November 15th, 2004 at 1834

    how about writing a smart php module that verifies the domain of the sender’s email address? just a thought

    Cheers

    AS

  4. MKeeper Said this on November 15th, 2004 at 2321

    That might work for some of them, problem is where they spoof registered Domains. (We’ve been spammed at work from emails that are apparently from our own domain!)
    You can’t even use IP Tracking, as M$ had the brainwave idea of providing Raw Sockets in Windows, so you can spoof IP Addresses too (hence the power of DRDoS attacks).

    A good idea though, it might help to block some of the more bizarre generated email domains (although once they start pretending to belong to genuine domains that goes out the window too).

    Alas .. wordlisting gets screwed by so called “l33tsp34k”, where every combinations of letters and numbers need to be considered to block them (it’s amazing how people this stupid are capable of thinking of that many combinations of characters to try and say “adult”)

    cheers

    MKeeper

    PS – nice to see ya AS 😉 been a while

  5. Rob Said this on November 17th, 2004 at 1048

    There was a wordpress ‘thing’ at one point that would do ‘self-moderation’. ie send an email to the address given by the commenter and they have to click a link to activate the comment.
    Can’t remember what it was called though…

Leave a Reply

XHTML: You can use these tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>