Sun, 20 Jun 2004

More Blog SPAM (and a solution implemented)

And I thought the attack on May 26th was bad. Today the SPAM maggots infested my writeback files over 500 times, with everything from Viagra and casinos to government grants and hot lolitas. I was seriously pissed off, but at least it prompted some actions - after I temporarily took writebacks offline and cleaned up the mess.

I have been thinking about this problem for some time, and most of the poffered solutions seemed, well, a bit thin. I could filter by IP, but what good does that do in a world of DHCP servers? I could kill on keywords, but then I'd lose the ability to comment myself on some topics, which may have some humor or even news value in addition to being (or at least containing the same keywords as) common SPAM shit. I could implement some Bayesian filtering scheme and get more surrealist tripe.

I could always have folks email their comments - but I get more than enough mail as it is. Or I could put up one of those images like Google or Yahoo! do, forcing you to squint and read a mangled string and type it in a box as text.

The last actually sounded like a better approach than any of the others, except for the fact that I personally find such things incredibly difficult. Yeah, that's right: at 47 I'm into bifocals. And reading some of the images they spit out can force me to remove my glasses and press my face against the screen: and still guess wrong.

So I thought a bit, and figured I'd give my variation on this theme a whirl. Rather than having you figure out what number to enter graphically, I've written a rather obtuse paragraph describing the process in terms no human could miss, but no bot should be able to catch. And worse - if a bot does hit it with a wrong entry, the page gives no indication that anything actually happend: no "Thanks for the writeback" or "Sorry" messages at all. Just a reloaded form.

We'll see if this works. It may have disabled trackbacks, but Hel, I'm not sure they ever worked in the first place, as I really haven't much of a clue about them to begin with. I sure have learned alot of Perl in hacking away on Blosxom, though, and that's a good thing. Much more of this and I'll be dreaming in regexp.

But if this scheme fails and I have to go thru what I went thru today again, writebacks are gonna hafta go until some other solution is found. These bastards are doing their level best to wreck the Internet, and I'm not going to sit idly by while they turn my online world into a continual advertisement.

/Home | 0 writebacks | permanent link

comment...

 
Notes: If you put a <mailto:> link in the URL field your address will not be mangled: this could be a bad idea as your email address could be easily harvested by bots designed for SPAM. The comments field should now format correctly for line feeds and carriage returns: when you hit the 'Enter' or 'Return' keys in your comment it should break to a new line. The text should wrap cleanly. Please let me know if it doesn't. No HTML tags will pass through - entering links seems to be the main cause of comment SPAM. Also, please be sure that Javascript is enabled in your browser before attempting to post a writeback. Sorry for any inconvenience, but this really helps cut down on the amount of comment SPAM I have to deal with.
 
 Name:
 URL:(optional)
 Title: (optional)
 Comments:  
Save my Name and URL/Email for next time