Comment Spam

Am I the only one being hammered by comment spam all of a sudden?

Some idiot (61.49.249.52) in China has been inundating my blog with ridiculous comments and links to unrelated Chinese sites. I have had to moderate all comments. It seems the spammer is automating the attack, presumably using a web service that allows him or her to post comments to posts that are closed for comments. Presumably that’s a bug in the .Text server.

Tracing the IP address doesn’t give me much other than it appears to come from China. I love the fact that commenting is so easy with .Text but it sure opens things up for abuse.

I just noticed another blogger complaining. At least I'm not alone.

© 2004 Kenny Kerr

Published Tuesday, December 14, 2004 9:58 AM by KennyKerr

Comments

# re: Comment Spam

Wednesday, December 15, 2004 7:54 AM by David Brabant
Hi Kenny,
There are several solutions for .Text (from CAPTCHA to filtering content through triggers).
See here, for example:
http://blogs.clearscreen.com/migs/archive/2004/11/02/531.aspx
I personnaly use a trigger solution (that means you must have access to your SQL database server, of course). I can send it to you if you are interested. Last time I checked, my little trigger had filtered out more than 250 comments.

# re: Comment Spam

Thursday, December 23, 2004 3:22 AM by Norman Diamond
For e-mail, the second-most effective spam filter would be to reject all e-mail containing URLs or e-mail addresses hosted by Chinanet[*1], Beijing Telecommunications Authority[*2], NTT[*3], VSNL, Han___ something I forgot what, Certical, Telespam, Telmex, MCI[*4], etc. Surely blocking direct connections from the same IP address ranges would help prevent your troubles. Notice that these would not filter by language or country or continent, but would filter by known spam sponsoring operators.

For e-mail, the most effective spam filter would be language based. Rejecting all English-language e-mail would reduce spam by 99%. Of course this is not a serious suggestion on its own, but it's the only suitable reply when someone suggests filtering out languages or continents.

[*1 Almost looks like it's related to your spammer, but not an exact match.]

[*2 Related to your spammer.]

[*3 OCN, Sphere, Verio, etc. If done right, it would block this very followup. Tough shit for me, I'd have to connect from a different server.]

[*4 UUnet.]