April 29, 2009

The kingdom of Spamalot

I get a lot of attempts at comment spam and have evolved a script that seems to take care of it without denying any legitimate comments. Worst case scenario, the comment gets put into moderation awaiting my approval. I have been getting a large number of spams recently that are using exploited forum pages to promote the usual PPCs (pills, pr0n, casinos). If the admin of a forum isn't diligent, a user can register, gain the ability to post and then offer their username/password to the bots that send this shite around the net. Fortunately, the signature for this is about as blatant as you can get so out of the 55 or so attempts (and I do mean ATTEMPTS) not ONE has been successful. When crap like this comes in, it gets sent to moderation which is a quarantine -- the post resides on my system but it is invisible to anyone trying to look for it from the outside world. This helps to stamp out the other kind of spam that has been happening a lot in the last couple months -- people will post an email with a five or six character "nonsense" word (eg: 5Zq17A) and then some random text and URLs -- bots looking for this nonsense word will not find it as it too is in moderation waiting for my deletion. A little work with RegEx and these are gone too. To top it off, about 20% of these pathetic little at temps are coming in from either Proxy IP addresses or IP addresses registered with one of the spam registration centers. I check these first. Proxy's get put into moderation as they may be someone with a legitimate reason to use a proxy. Registered IPs get dropped into the ole' bit bucket. Hey script kiddies, keep that wailing and gnashing of teeth down a bit, your Momma might hear you -- after all, your basement bedroom doesn't have any sound insulation from the rest of your folks house. Posted by DaveH at April 29, 2009 8:15 PM