Comments on: More Comment Spam

By: Rob

Rob — Wed, 17 Nov 2004 09:48:25 +0000

There was a wordpress ‘thing’ at one point that would do ’self-moderation’. ie send an email to the address given by the commenter and they have to click a link to activate the comment. Can’t remember what it was called though…

By: MKeeper

MKeeper — Mon, 15 Nov 2004 22:21:36 +0000

That might work for some of them, problem is where they spoof registered Domains. (We’ve been spammed at work from emails that are apparently from our own domain!) You can’t even use IP Tracking, as M$ had the brainwave idea of providing Raw Sockets in Windows, so you can spoof IP Addresses too (hence the power of DRDoS attacks).

A good idea though, it might help to block some of the more bizarre generated email domains (although once they start pretending to belong to genuine domains that goes out the window too).

Alas .. wordlisting gets screwed by so called “l33tsp34k”, where every combinations of letters and numbers need to be considered to block them (it’s amazing how people this stupid are capable of thinking of that many combinations of characters to try and say “adult”)

cheers

MKeeper

PS - nice to see ya AS been a while

By: techfreakz

techfreakz — Mon, 15 Nov 2004 17:34:24 +0000

how about writing a smart php module that verifies the domain of the sender's email address? just a thought

Cheers

By: Rob

Rob — Sat, 13 Nov 2004 12:26:05 +0000

I agree, i have been hit hard by this spammer also, one night i came back to my blog and found about 1000 comments waiting to be approved and about 300 on my site. I hate this guy!

By: dies-el

dies-el — Wed, 10 Nov 2004 09:22:24 +0000

As I said last time, blocking domain spam by domain is like trying to block email-spam by subject; It doesn't work.

I've got a script on desto.net that closes comments after 21 days, and that has removed comment spam (so far).