Comments on: Fighting Trackback Spam with Email Blacklists http://www.shaftek.org/blog/2005/02/01/fighting-trackback-spam-with-email-blacklists/ ShafTek.org = SHAFranovich TECHnologies Wed, 23 Dec 2009 13:41:13 -0500 http://wordpress.org/?v=2.8.6 hourly 1 By: grumpOps http://www.shaftek.org/blog/2005/02/01/fighting-trackback-spam-with-email-blacklists/comment-page-1/#comment-124 grumpOps Tue, 01 Feb 2005 21:33:06 +0000 http://www.shaftek.org/blog/2005/02/01/fighting-trackback-spam-with-email-blacklists/#comment-124 <strong>The Blogosphere and Blacklists</strong> Yakov has got me thinking about anti-spam methods applied to blog comments and trackbacks. He has done some work looking at DNS Realtime Black Lists or RBLs (list of banned IP addresses) and found that an astonishing percentage of comment spam can b... The Blogosphere and Blacklists

Yakov has got me thinking about anti-spam methods applied to blog comments and trackbacks. He has done some work looking at DNS Realtime Black Lists or RBLs (list of banned IP addresses) and found that an astonishing percentage of comment spam can b…

]]> By: netwizard http://www.shaftek.org/blog/2005/02/01/fighting-trackback-spam-with-email-blacklists/comment-page-1/#comment-123 netwizard Tue, 01 Feb 2005 20:42:10 +0000 http://www.shaftek.org/blog/2005/02/01/fighting-trackback-spam-with-email-blacklists/#comment-123 I hear you loud and clear, but unfortunatly I am not the first to suggest it. See <a href="http://bradchoate.com/weblog/2004/11/05/mt-dsbl" rel="nofollow">MT-DSBL</a> and <a href="http://weblog.sinteur.com/index.php?p=7967" rel="nofollow">WP-DSBL</a>. My main point here was to observe how email spammers and comment spammers tend to use the same machines, and attacking both with the same tools is helpful. What is more interesting now is the fact that the tools used to fight comment spam are mirroring exactly the evolution of tools used for email spam. For example, another commenter suggested the filtering of proxy names which is something that SpamAssassin did originally for X-Mailer tags. There is also the TypeKey service from SixApart which is basically authentication. There is also blacklists, Turing tests, Hashcash, etc. The key is what can we learn from email so we don't make the same mistakes. I don't really know if we will. I hear you loud and clear, but unfortunatly I am not the first to suggest it. See MT-DSBL and WP-DSBL.

My main point here was to observe how email spammers and comment spammers tend to use the same machines, and attacking both with the same tools is helpful. What is more interesting now is the fact that the tools used to fight comment spam are mirroring exactly the evolution of tools used for email spam. For example, another commenter suggested the filtering of proxy names which is something that SpamAssassin did originally for X-Mailer tags. There is also the TypeKey service from SixApart which is basically authentication. There is also blacklists, Turing tests, Hashcash, etc.

The key is what can we learn from email so we don’t make the same mistakes. I don’t really know if we will.

]]> By: Grumpy http://www.shaftek.org/blog/2005/02/01/fighting-trackback-spam-with-email-blacklists/comment-page-1/#comment-122 Grumpy Tue, 01 Feb 2005 19:33:07 +0000 http://www.shaftek.org/blog/2005/02/01/fighting-trackback-spam-with-email-blacklists/#comment-122 In the email world blacklists are the devil's spawn. Why would we want to inflict that upon this new medium? In the email world blacklists are the devil’s spawn. Why would we want to inflict that upon this new medium?

]]> By: netwizard http://www.shaftek.org/blog/2005/02/01/fighting-trackback-spam-with-email-blacklists/comment-page-1/#comment-121 netwizard Tue, 01 Feb 2005 18:51:21 +0000 http://www.shaftek.org/blog/2005/02/01/fighting-trackback-spam-with-email-blacklists/#comment-121 Unfortunatly its only a stop-gap solution EXACTLY like email spam. For an example, see <a href="http://spamassassin.apache.org/presentations/2004-09-Toorcon/html/mgp00005.html" rel="nofollow">this presentation</a> of how in the early days spamware used to announce itself in email. That is no longer true, and the same will apply here. Unfortunatly its only a stop-gap solution EXACTLY like email spam. For an example, see this presentation of how in the early days spamware used to announce itself in email. That is no longer true, and the same will apply here.

]]> By: cindy http://www.shaftek.org/blog/2005/02/01/fighting-trackback-spam-with-email-blacklists/comment-page-1/#comment-120 cindy Tue, 01 Feb 2005 17:55:42 +0000 http://www.shaftek.org/blog/2005/02/01/fighting-trackback-spam-with-email-blacklists/#comment-120 as of this morning you can also block them by checking http_via for pinappleproxy. as of this morning you can also block them by checking http_via for pinappleproxy.

]]> By: John http://www.shaftek.org/blog/2005/02/01/fighting-trackback-spam-with-email-blacklists/comment-page-1/#comment-119 John Tue, 01 Feb 2005 17:33:56 +0000 http://www.shaftek.org/blog/2005/02/01/fighting-trackback-spam-with-email-blacklists/#comment-119 Another interesting trick you can use is see what IP address the URLs in comments point to - most comment spammers and referrer spammers have there sites at only one or two IP addresses. Simply block the posting if an URL resolves to one of the forbidden IP addresses... Another interesting trick you can use is see what IP address the URLs in comments point to – most comment spammers and referrer spammers have there sites at only one or two IP addresses. Simply block the posting if an URL resolves to one of the forbidden IP addresses…

]]>