[spam-stopper] A small akismet extension for updating htaccess

markus akismet at phpmix.org
Fri Jun 16 16:27:32 UTC 2006


Since I announced and released the Akismet module for Drupal, I have
observed that my site is now a target for some spambots, hence I now have a
bit more food for testing :-(

I'm now adding a few more features to the module and I'm also thinking about
adding some kind of measures to prevent small DoS periods due to
spambots generating all the extra work involved in checking with Akismet,
sending e-mail notifications to spam moderators or whatever.

I guess it is important for Akismet to get as much information as possible
about spam (even if it is known), so I'm not thinking about adding heavy
algorithms locally or adding permanent bans (using Bad Behavior kind of
tools or .htaccess)...

What I've been thinking about is the fact that we may have spam in the moderation
queue. This is volatile information because it will be removed by a cron
task based on expiration (defined by module options). However, this is
information that we could perhaps use to check before sending a request to
Akismet, and ban if the IP of a new attempt to post a comment matches the IP
of one of those items in the queue, or if the text of the comment matches
(good when spambots use proxies), or if URLs (full or only the host) in the
text match, etc.

That is, I'm thinking just about measures against spambots. Simple checks
that could be made against known spam that we may have for a short period of
time in the queue. I'm currently coding a new version of the module, and I would
love to hear thoughts or suggestions about that. :-)


Cheers
Markus



--- Original message follows: ---
rich boakes rich at boakes.org
Thu Jun 8 21:19:48 GMT 2006

Dirk Haun wrote:
> rich boakes wrote:

>> Basically when the user deletes an IP
>> address based offender from Akismet they have
>> the option of banning that address from
>> connecting in future.

> A similar approach: I've ported Bad Behavior for Geeklog and when
> Geeklog's spam filter detects spam, it can optionally report the
> spammer's IP address to Bad Behavior. So it's Bad Behavior doing the
> blocking, instead of the .htaccess.

One possible advantage over (/assistance to) PHP
based solutions (such as Bad Behavior) is that
it works at the server level, so the 403 is sent
before PHP is invoked.

This may be particularly useful where
performance is important, but can also be
considered a disadvantage because whilst the
concept is portable, the htaccess file is not.

>> I think this potentially saves each server (and
>> the Akismet service) from an awful lot of work.
>
> It's not quite as successful as one may think, as spammers often use
> botnets or open proxies all over the place, so that identical spam is
> often coming from a lot of different IP addresses.

One thing that might mitigate this problem is
that the IP addresses this plugin blocks are
ones that we know are targeting the blocking
blog, so the success ratio should be "better
than random".

That said, I have no preconceptions about how
successful it will be; but that's what I hope to
find out!

So far I've seen > 90% reduction in the need to
ask Akismet for help.  Perhaps someone on the
server side can have a look at the stats from my
ID to see if the difference remains significant
and useful over time.

Rich
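
The pre-check Markus describes above (comparing a new comment against spam still sitting in the moderation queue before contacting Akismet), written out as an added example that is not part of either message and is not code from the Akismet module. The queue field names `ip`, `body` and `expires`, the function names and the sample data are all assumptions.

```php
<?php
// Added example. Queue fields (ip, body, expires) are assumed, not the module's schema.

/** Lowercase and collapse whitespace so trivially varied copies compare equal. */
function normalize_text(string $body): string {
    return trim(preg_replace('/\s+/', ' ', strtolower($body)));
}

/** Hosts of all http(s) URLs in the text, lowercased, without a leading "www.". */
function url_hosts(string $body): array {
    preg_match_all('~https?://[^\s"\'<>]+~i', $body, $m);
    $hosts = [];
    foreach ($m[0] as $url) {
        $host = parse_url($url, PHP_URL_HOST);
        if (is_string($host) && $host !== '') {
            $hosts[preg_replace('/^www\./', '', strtolower($host))] = true;
        }
    }
    return array_keys($hosts);
}

/** Returns 'ip', 'text' or 'url_host' on a match with unexpired queued spam, else null. */
function match_known_spam(array $comment, array $queue, int $now): ?string {
    $text  = normalize_text($comment['body']);
    $hosts = url_hosts($comment['body']);
    foreach ($queue as $item) {
        if ($item['expires'] <= $now) {
            continue; // expired but not yet purged by cron: ignore
        }
        if ($item['ip'] === $comment['ip']) return 'ip';
        if (normalize_text($item['body']) === $text) return 'text';
        if (array_intersect($hosts, url_hosts($item['body']))) return 'url_host';
    }
    return null;
}

// Constructed sample data (documentation IP ranges, .example domains).
$now = 1000000;
$queue = [
    ['ip' => '192.0.2.10', 'body' => 'Cheap pills at http://www.pills.example/buy', 'expires' => $now + 3600],
    ['ip' => '192.0.2.99', 'body' => 'Old spam http://old.example/', 'expires' => $now - 60],
];
$incoming = [
    ['ip' => '198.51.100.7', 'body' => "cheap  PILLS at\nhttp://www.pills.example/buy"], // same text, new IP
    ['ip' => '198.51.100.8', 'body' => 'Visit http://pills.example/offer today'],          // same host only
    ['ip' => '192.0.2.99',   'body' => 'Nice article, thanks!'],                           // only expired match
];
foreach ($incoming as $c) {
    echo $c['ip'], ': ', match_known_spam($c, $queue, $now) ?? 'ask Akismet', "\n";
}
```

A match on IP alone also hits legitimate visitors who share a proxy or NAT address with a spammer, so requiring a text or host match alongside it is the more conservative setting.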



