[wp-hackers] Simple comment spam experiment

Alexander Beutl xel at netgra.de
Wed Apr 16 18:33:44 GMT 2008

When you talk about IP Adresses please be aware that there are huge bot nets
which were previously used for email.
You may force spammers to use them for commentspam too...
then you have x thousands of enemies which make use of dynamic IPs...
and no one will have to worry about more bandwith then, cause its not the
spammers then.

2008/4/16, Otto <otto at ottodestruct.com>:
> On Wed, Apr 16, 2008 at 10:25 AM, Matt Mullenweg <m at mullenweg.com> wrote:
> >  Because you do something that almost no one else does, and your site is
> not
> > a large enough target, spammers have not yet done the trivial workaround
> it
> > would require to get past this. If it was put into core, they most
> certainly
> > would.
> >
> >  So, continue to do this if it helps, just don't tell anyone. ;)
> >
> >  From 2002:
> >
> >  http://diveintomark.org/archives/2002/10/29/club_vs_lojack_solutions
> I'm well aware that it's not a viable solution for everybody, that
> much is obvious. Iw as even aware that it was not a new technique. I
> was simply stating what I found out and the state of the current
> spambots as I have seen them.
> I had not read that club vs. lojack solution thing before. It's
> interesting. But it also indicates that apparently not enough people
> are using clubs to make drilling through them worthwhile for the
> spammers to do, or at least, to do very often. Drilling through a
> hidden form field blocker is trivial, of course, but after over a
> month, nobody seems to have bothered.
> You're basically correct that if it was in the core code, then it
> would be easy enough to bypass, all that has to happen is for the
> spammers to load the comment forms up before submitting to them like a
> browser would. This would increase load on systems because of the
> added page generation and such.
> I don't know of a particularly good lojack solution, obviously. I can
> think of some ways to do it.
> Idea: when spam comes in and is confirmed to be spam, block the IP
> from that site for a time period. All access to the site from that IP,
> blocked with instant 403. If this gets to enough sites, then rather
> rapidly the spammers can't send spam anymore. Problem: Blowback.
> Spammers will effectively shut down these sites for dynamic IP users
> who happen to get one of those IPs. Plus side: it will encourage ISPs
> not to allow spammers onto their networks at all and to take more
> proactive measures against this sort of thing.
> Anybody else got any other lojack ideas?
> _______________________________________________
> wp-hackers mailing list
> wp-hackers at lists.automattic.com
> http://lists.automattic.com/mailman/listinfo/wp-hackers

More information about the wp-hackers mailing list