fighting spam

so i came across an interesting spam issue this week over on the frames' website.

We have a really simple stats tool that works out who spends the most time on the message board (based on # of posts) - some people really do no work at all! on monday (01 Jan) I noticed that the top 7 or 8 or had spam type names (vigra@online, etc) which tweaked my interest.

so after a bit of investigation, i found that one particular url had made it into a spammer's attack vector list - getting hit multiple times in one day (over 1600 spam replies to the thread). my initial inclination was to block the IPs previously used (no joy! these spammers are no doubt using open proxies / infected machines).

next step was to implement some sort of lookup on the IPs posting - i checked a random sampling of the IPs against email blacklist and lo-and-behold they were mostly listed on email blacklists too. bingo - check IPs against blacklists before accepting the post.

so now all attempts to post to the frames' message board require the user's IP to be checked against the following BLs:

  'sbl-xbl.spamhaus.org',     //www.spamhaus.org
  'bl.spamcop.net',           //www.spamcop.net
  'no-more-funn.moensted.dk', //no-more-funn.moensted.dk
  'list.dsbl.org'             //www.dsbl.org

we've also implemented our own ip blacklist for sin binning consistent abusers of the board (cease and desists to their network admins usually does the trick though!)

here's the link to the code we're using: http://www.frozenminds.com/spamblacklist.html
here's the link to the thread that was getting spammed: http://www.theframes.ie/v4/comm/msgboard/view/42874/

Comments

Post a Comment

Popular posts from this blog

Want to export all *your* facebook data? you now can...

1. Click on account in the bar above. 2. Click on "Account settings" (or just go to https://register.facebook.com/editaccount.php ) 3. look for the "Download your information" section. 4. click on "learn more" 5. click on "Download" 6. wait for the email from Facebook. 7. download the zip file with your data. 8. PROFIT!! Note: you can't download information by other people (including their email addresses). There are some workarounds but personally, I'm not that fussed about this limitation. Getting *my* data out of facebook is much more important. Thanks facebook! Took you a while but this makes me a little happier. :) original blog entry: http://blog.facebook.com/blog.php?post=434691727130 boot note: I was originally going to post this as a facebook status update but the length was too long (720 characters vs the 420 character limit). so now it's on my blog which will propagate to facebook... =)
Read more

Writing valid/standard code

One of my pet interests is in writing standardized code... Today I came across http://www.prestigeproperties.ie/ and was horrified to find that people were still creating websites this bad for their business. I maintain a few websites and I try to keep them validated to at least one HTML / XTML standard. But as far as I know, having valid HTL/XHTML/CSS is fairly low on most webmasters priorities... and here's some quick stats on websites i visit often... BAND SITES http://www.theframes.ie/ (passed) http://www.mundy.ie/ (passed) http://www.markgeary.com/ (passed) http://www.micchristopher.co.uk/ (passed) http://www.turn.ie/ (9 errors) http://www.paddycasey.com/ (3 errors) http://www.roadrecs.com/ (56 errors) http://www.u2.com/ (23 errors) http://www.mikescottwaterboys.com/ (15 errors) http://www.irishmusiccentral.com/ (207 errors) http://www.bellx1.com/ (17 errors) http://www.ash-official.com/ (7 errors) http://www.damienrice.com/ (11 errors) http://www.damiendempsey.c
Read more