The Spam Problem on This Blog Just Disappeared

The Workbench weblog is running my own software, implemented with PHP and MySQL in higgledy-piggledy fashion over the years. I just added functionality that can hide all new comments until they are approved by a moderator. During the blogging boom there were boisterous discussions on many of the posts here, so I didn't want to gum up the works. Every comment went up immediately. These days, 99 out of 100 comments are spam. I've been manually getting rid of them after they are posted, which ... (read more)

I've Disappointed a Comment Spammer

Though I haven't been blogging actively in recent years I've been cleaning out the comment spam regularly because I'll eventually be writing here again. This morning I found this gem on a comment touting a cheesy online Flash games site: The next time I read a blog, I hope that it doesn't disappoint me as much as this one. I mean, I know it was my choice to read, but I actually thought you'd have something interesting to say. All I hear is a bunch of whining about something that you could fix ... (read more)

We Have Always Been at War with Comment Spammers

This site continues to get 10-30 comment spams a day, along with the occasional comment to an old post that makes it worthwhile to continue offering the opportunity for reader feedback. I'm thinking about switching to a comment form in which the only way to add bold, italics and links is to use buttons that add the formatting in a markup scheme that nobody else on the planet uses. Comments that use HTML or Markdown would be rejected. Coming up with oddball and ultimately futile anti-spam ... (read more)

Email Templates for Dummies

An email I just received: I was just looking at your site, and I have a number of clients within our network who are looking for SAMPLE TEXT ONE. I don't work as a lead broker, referral agency or pay-per-click advertising. I'm simply looking to direct my clients to a relevant site when they're looking for SAMPLE TEXT TWO. Your site looks like it may be a good fit. I'm going to work with SAMPLE TEXT THREE today, therefore please call me as soon as possible. Update: An hour later I got another ... (read more)

Deterring Spammers with Fake MX Records

For the past 48 hours, I've been dealing with a Sendmail server that was shutting down frequently with a load average above 13. The server's getting flooded constantly with spam attempts to non-existent users on more than 100 domains. I've set up Sendmail to use a virtusertable that rejects every non-valid email address with a "user unknown" error. This is helpful, but Sendmail still has to take the time to reject each spam attempt. Since all but six domains on the server don't receive any mail ... (read more)

I Take Abuse According to RFC 2142

I was told Friday that Buzzword.Com has been added to a blacklist at RFC Ignorant because the domain doesn't have an abuse email account. Somebody wanted to report a spam blog on my server, and when he couldn't send mail to an abuse account here, I was turned in for RFC reeducation. RFC 2142 requires that web sites and other servers take mail at several standard mailboxes, including abuse@domain for complaints, postmaster@domain for issues regarding mail servers and webmaster@domain for web ... (read more)

Defending WordPress MU from Splog Abuse

Over the weekend most of my new WordPress MU weblog servers were hit by splogs -- spam blogs created by bots and filled with links to commercial sites. I added a WordPress hacker's unofficial patch that requires users to fill out a captcha to create a new blog. The patch modifies wp-signup.php and adds a new file, wp-valid.php that generates the captcha graphic using code from the Quick Captcha PHP script. The first two active blogs to spring up on these servers are Political Fretwork and the ... (read more)