MainDoctor WhoMusicSoftware
Main Page

Alden Bates' Weblog

Feigning normality since 1973

Blog Spam status report

Filed in: Spam.

First trackback spam in a while got through today... It managed to get past MT-Blacklist, but was moderated by MT-Moderate before it could appear on the entry.

At least (as far as I can tell from my logs anyway) the Bulgarians have given up trying to comment spam me constantly - the last hit from that was around the 16th of last month. The .htaccess filters I got from Spamhuntress' site were pretty much blocking their hits...

It looks like they're concentrating on trying to trackback spam me - I'm still getting plenty of spam trackback pings, though I don't think the one that got through was from them... Many of the pings are coming through, which I have blocked in .htaccess, of course. Those pings which have gotten through have been stopped by MT-Blacklist.

I have a regex set up in MT-Blacklist which stops all of their trackbacks. The software they're using generates random sentences all in the same format using a small collection of phrases:
(check|visit|check out) (the|some) (sites|pages|relevant pages|helpful info|information) (in the field of|dedicated to|about)

808 hits blocked so far (though that's not accurate because I refined the regex a couple of times). I'd like to just block pings with links in the body, but (a) I'm not sure if that would block valid pings, and (b) MT-Blacklist doesn't have any way to specify comment versus trackback or specific fields thereof.

I'm also tempted to try hacking MT-Blacklist to return a 403 when it blocks a ping, on the off-chance it might discourage the spammers further...

Posted June 2, 2005 9:17 PM


My webhost blocked's open proxies at the firewall level, along with the most offending repeat open proxies being used by the same spammer/s ("the Bulgarians" as SpamHuntress refers to them).

Everyone should just block the Mexican proxies because they are responsible for enabling a huge amount of spam all over the internet. I don't know why, as in, what's their problem, why they're fascilitating the spam, unless, obviously, they're getting profiting from the process (which means, they're participating).

In the realm of politics, it seems that conservative and/or "anti spam" blogs get the worst of their efforts. Not a surprise there.

MT Blacklist does block most of it but unless they are prevented access at the server firewall level, the spammers (and particularly the open proxies of continue to hit the server every two seconds...sometimes for hours on end. There are others, but mostly people should block all open proxies if and when they can. From the servers, I hope that more will block because alestra is obviously not willing to take actions themselves to stop what they're doing. Not like they are unaware of the problem is my point.

Posted by: -S- | July 3, 2005 2:36 PM

For's a site that lists public proxies (not that you aren't already aware, just saying):

Posted by: -S- | July 3, 2005 2:37 PM

I frankly wouldn't be surprised if Alestra profits in some way from the spammers. The fact they haven't bothered to take any action speaks volumes.

Posted by: Alden Bates | July 3, 2005 3:30 PM

Post a comment Site Map