This site continues to get 10-30 comment spams a day, along with the occasional comment to an old post that makes it worthwhile to continue offering the opportunity for reader feedback. I'm thinking about switching to a comment form in which the only way to add bold, italics and links is to use buttons that add the formatting in a markup scheme that nobody else on the planet uses. Comments that use HTML or Markdown would be rejected. Coming up with oddball and ultimately futile anti-spam techniques is a long ... read more

An email I just received: I was just looking at your site, and I have a number of clients within our network who are looking for SAMPLE TEXT ONE. I don't work as a lead broker, referral agency or pay-per-click advertising. I'm simply looking to direct my clients to a relevant site when they're looking for SAMPLE TEXT TWO. Your site looks like it may be a good fit. I'm going to work with SAMPLE TEXT THREE today, therefore please call me as soon as possible. Update: An hour later I got another email with the ... read more

For the past 48 hours, I've been dealing with a Sendmail server that was shutting down frequently with a load average above 13. The server's getting flooded constantly with spam attempts to non-existent users on more than 100 domains. I've set up Sendmail to use a virtusertable that rejects every non-valid email address with a "user unknown" error. This is helpful, but Sendmail still has to take the time to reject each spam attempt. Since all but six domains on the server don't receive any mail at all, I wanted to ... read more

I was told Friday that Buzzword.Com has been added to a blacklist at RFC Ignorant because the domain doesn't have an abuse email account. Somebody wanted to report a spam blog on my server, and when he couldn't send mail to an abuse account here, I was turned in for RFC reeducation. RFC 2142 requires that web sites and other servers take mail at several standard mailboxes, including abuse@domain for complaints, postmaster@domain for issues regarding mail servers and webmaster@domain for web servers. According to ... read more

Over the weekend most of my new WordPress MU weblog servers were hit by splogs -- spam blogs created by bots and filled with links to commercial sites. I added a WordPress hacker's unofficial patch that requires users to fill out a captcha to create a new blog. The patch modifies wp-signup.php and adds a new file, wp-valid.php that generates the captcha graphic using code from the Quick Captcha PHP script. The first two active blogs to spring up on these servers are Political Fretwork and the Ad Whisperers. ... read more