FOCUSer.net has been bambarded with lots of comment spams lately. As many members do not check their emails regularly for comment notifications, many spam messages were left there for a day or two. I have been tuning the Apache server configuration to block out spam bots, but many of them still manage to slip through by supplying “real” user-agent and referrer information. I can’t block by IP’s either, as they seem to be coming from everywhere – probably from virus infected zombie PC’s.
So I fell back to the mighty MT BlackList, and tried to manually add offending domains to the black list. But the effort was in vain – all of them have different domains! One way to stop spamming is to reduce the commercial viability of the spammers, based on the principle that if they can’t make profit, they will stop. Black listing domains has been an implementation of that principle, assuming that the spammers cannot have unlimited supply of domains, as registration new domains on TLD costs money…
Until some registrars started to offer free .info domains for one year. When the news hit the street over 2 months ago, I initially thought that the idea was interesting – you can register up to 20 .info domains for free. Who would want to register that many second-level domains with only 1 year expiry, other than the evil domain squatters? But apparently spammers, who represent another form of evil on the Internet, have found a new application on these free domains – to defeat the black list.
That is exactly what has been happening. Many spam-bot generated comment spams over the last couple of days were pointing to many weird but unique .info domains. There is no way that I can block every single one of them with MT BlackList, especially when they can quickly register new ones at no cost!
At the end, I am very tempted to just block the entire .info domain from leaving comments on FOCUSer.net, since over the last 2 years no one has ever commented on these blogsites with a .info domain, other than the comment spammers. We’ll see.
Oh I hate comment spams!
I heard that with MT-Blacklist you can block comments based on their contents. So you can ban comments that contain certain words/phrases, or ban the URLs that they’ve been posting so that they can’t post them anymore. And if you get spams with new URLs you can do a Search & De-Spam, which is easier than deleting them one by one.
my vote is with blocking the whole .info domain …
My idea, not yet implemented is:
- Have comments form in a popup window… (I know the controversy… hey, popup can be used for good)…
- Have
By looking at the log, spam bots actually reads in the page, and spam your mt-comments.cgi subsequently.
Have popup does not help, as all POST requests still have to go through mt-comments.cgi. Encode the whole page into Javascript might trick the spambot, but it also limits who can read your pages (search engines, archivers, etc). There are plug-ins that adds extra authentication to prove that you are indeed a human, like image text. However, it does not work against a human spammer on the other side of the net – could reduce his rate of spamming through. All these would require updating of everyone’s templates though, which is not ideal.
But I’ll suggest everyone turning on their MT-BlackList setting – at least it would block majority of them.
And just for information only, I’ve looked up the number of .info domains used for referral spamming so far this month (which is less than 5 days), and there are 227 unique .info domains being used! Yuk.