Alden Bates' Weblog: Blog Spam status report

Ads by Project Wonderful! Your ad here, right now: $0

Home : June 2005

« Raspberry Coke: the Verdict | Main | Wireless networking problem - sorted! »

Blog Spam status report

Filed in: Spam.

First trackback spam in a while got through today... It managed to get past MT-Blacklist, but was moderated by MT-Moderate before it could appear on the entry.

At least (as far as I can tell from my logs anyway) the Bulgarians have given up trying to comment spam me constantly - the last hit from that was around the 16th of last month. The .htaccess filters I got from Spamhuntress' site were pretty much blocking their hits...

It looks like they're concentrating on trying to trackback spam me - I'm still getting plenty of spam trackback pings, though I don't think the one that got through was from them... Many of the pings are coming through alestra.net.mx, which I have blocked in .htaccess, of course. Those pings which have gotten through have been stopped by MT-Blacklist.

808 hits blocked so far (though that's not accurate because I refined the regex a couple of times). I'd like to just block pings with links in the body, but (a) I'm not sure if that would block valid pings, and (b) MT-Blacklist doesn't have any way to specify comment versus trackback or specific fields thereof.

I'm also tempted to try hacking MT-Blacklist to return a 403 when it blocks a ping, on the off-chance it might discourage the spammers further...

Posted June 2, 2005 9:17 PM

Comments

My webhost blocked alestra.mx's open proxies at the firewall level, along with the most offending repeat open proxies being used by the same spammer/s ("the Bulgarians" as SpamHuntress refers to them).

Everyone should just block the Mexican proxies because they are responsible for enabling a huge amount of spam all over the internet. I don't know why, as in, what's their problem, why they're fascilitating the spam, unless, obviously, they're getting profiting from the process (which means, they're participating).

In the realm of politics, it seems that conservative and/or "anti spam" blogs get the worst of their efforts. Not a surprise there.

MT Blacklist does block most of it but unless they are prevented access at the server firewall level, the spammers (and particularly the open proxies of alestra.mx) continue to hit the server every two seconds...sometimes for hours on end. There are others, but mostly people should block all open proxies if and when they can. From the servers, I hope that more will block alestra.mx because alestra is obviously not willing to take actions themselves to stop what they're doing. Not like they are unaware of the problem is my point.

Posted by: -S- | July 3, 2005 2:36 PM

For reference...here's a site that lists public proxies (not that you aren't already aware, just saying):

http://www.publicproxyservers.com/page1.html

Posted by: -S- | July 3, 2005 2:37 PM

I frankly wouldn't be surprised if Alestra profits in some way from the spammers. The fact they haven't bothered to take any action speaks volumes.

Posted by: Alden Bates | July 3, 2005 3:30 PM

Alden Bates' Weblog

Feigning normality since 1973

Blog Spam status report

Comments

Post a comment


	Home : June 2005 Alden Bates' Weblog Feigning normality since 1973 « Raspberry Coke: the Verdict \| Main \| Wireless networking problem - sorted! » Blog Spam status report Filed in: Spam. First trackback spam in a while got through today... It managed to get past MT-Blacklist, but was moderated by MT-Moderate before it could appear on the entry. At least (as far as I can tell from my logs anyway) the Bulgarians have given up trying to comment spam me constantly - the last hit from that was around the 16th of last month. The .htaccess filters I got from Spamhuntress' site were pretty much blocking their hits... It looks like they're concentrating on trying to trackback spam me - I'm still getting plenty of spam trackback pings, though I don't think the one that got through was from them... Many of the pings are coming through alestra.net.mx, which I have blocked in .htaccess, of course. Those pings which have gotten through have been stopped by MT-Blacklist. I have a regex set up in MT-Blacklist which stops all of their trackbacks. The software they're using generates random sentences all in the same format using a small collection of phrases: (check\|visit\|check out) (the\|some) (sites\|pages\|relevant pages\|helpful info\|information) (in the field of\|dedicated to\|about) 808 hits blocked so far (though that's not accurate because I refined the regex a couple of times). I'd like to just block pings with links in the body, but (a) I'm not sure if that would block valid pings, and (b) MT-Blacklist doesn't have any way to specify comment versus trackback or specific fields thereof. I'm also tempted to try hacking MT-Blacklist to return a 403 when it blocks a ping, on the off-chance it might discourage the spammers further... Posted June 2, 2005 9:17 PM Comments My webhost blocked alestra.mx's open proxies at the firewall level, along with the most offending repeat open proxies being used by the same spammer/s ("the Bulgarians" as SpamHuntress refers to them). Everyone should just block the Mexican proxies because they are responsible for enabling a huge amount of spam all over the internet. I don't know why, as in, what's their problem, why they're fascilitating the spam, unless, obviously, they're getting profiting from the process (which means, they're participating). In the realm of politics, it seems that conservative and/or "anti spam" blogs get the worst of their efforts. Not a surprise there. MT Blacklist does block most of it but unless they are prevented access at the server firewall level, the spammers (and particularly the open proxies of alestra.mx) continue to hit the server every two seconds...sometimes for hours on end. There are others, but mostly people should block all open proxies if and when they can. From the servers, I hope that more will block alestra.mx because alestra is obviously not willing to take actions themselves to stop what they're doing. Not like they are unaware of the problem is my point. Posted by: -S- \| July 3, 2005 2:36 PM For reference...here's a site that lists public proxies (not that you aren't already aware, just saying): http://www.publicproxyservers.com/page1.html Posted by: -S- \| July 3, 2005 2:37 PM I frankly wouldn't be surprised if Alestra profits in some way from the spammers. The fact they haven't bothered to take any action speaks volumes. Posted by: Alden Bates \| July 3, 2005 3:30 PM Post a comment Name: Email Address: URL: Remember personal info? Comments: (you may use HTML tags for style)
Tetrap.com Site Map