Variations on comment spam
It has been a very quiet week or two over the July Fourth holiday but spammers are starting to ramp back up again.
This time, it's a new variant on an old theme -- the spammer posts a banal comment about how good the blog is and how they will be returning again. Usually, these are followed with anywhere from two or three to over 100 URLs pointing to the same old PPCs (Pills Pr0n, Casinos).
Tonights was just the banal message but the posters website was the link.
Needless to say, their IP address was clicked into the 'ole bit bucket and that particular URL was clicked onto the block list.
What makes this such a ridiculous turkey shoot is that this booger eating moron used a system whose IP address had already been flagged as a spam originator or zombie system. It was a type of spam that I was not filtering for but because it used a known bad IP address, it got flagged. It would have been successfully posted if the idiots running this had bothered to check their bot net for bad addresses.
I am dealing with children here -- as I said before, I am a hardware guy but I have had to program and am fairly literate in a few languages. I am not by any stretch of the imagination a good programmer.
These people are mouth-breathers -- idiots.
They Have No Geek Fu
And I am now looking for this technique as well -- there was a definite signature that I am now filtering for. What I am running is about 80 lines of PERL and about ten lines of regex. I am stomping out 99% of all incoming spam while letting through most legitimate comments. If a comment triggers something that puts it into moderation, I will review it and click to approve if it's OK but a good solid 90% of all legit comments go to direct posting.
Heh...
Posted by DaveH at July 9, 2009 9:17 PM