Neil Turner's Blog

Blogging about technology and randomness since 2002

Comment spammers are shooting themselves in the foot

(And now back to your regularly-scheduled non-political programming)
Dave‘s just come back from his cruise to find that his host had disabled his mt-comments.cgi script because it was being hammered by spammers and causing heavy CPU usage on the server. Dave has MT-Blacklist installed.
I’m seeing more and more bloggers disabling comments or only leaving them open for a short time to stop comment spammers from invading. If this is a trend, then it’s going to put the comment spammers in a very difficult position – they’re going to fast run out of sites with open comments to spam. By drilling us into the ground with incessant spam they’re biting the hand that feeds them. It’s only a matter of time before that hand stops feeding them and their plan backfires.
I’m getting hit quite heavily, and in fact I’m now forcing moderation of any comments using the .info and .biz domains in URLs. You may want to do the same.

6 Comments

  1. I’ve actually added .info and .biz to Blacklist. To date I’ve not yet seen those TLDs being used legitimately!

  2. It’s only a matter of time before that hand stops feeding them and their plan backfires.
    That’s one way of putting it Neil, but the other way is that ‘it’s only a matter of time before MT users will be forced to disable comments (yet again)’.
    Not good.
    And, also, what about the trackback problem?
    These problems are by no means MT’s alone, but MT is woefully weak at self-defence.
    The spammers won’t change – they will always have plenty of MT sites to target. MT need to change.

  3. What could help is a hidden randomly named field with a random value being inserted into the comments section of each page with the DB keeping track of which page has which settings. When a page is regenerated, change the values. If a comment is submitted and these “secret settings” don’t match the database, don’t allow the comment.
    That’ll force spammers to actually download the page before each comment (drawback: if there’s a “heated debate” then there’s a chance some comments will be missed due to human typing speed).
    Failing that, captchas (“type the word you see”) type solutions seem to be the only way…

  4. One thing I don’t quite understand people don’t try simply renaming the file on an individual basis and altering the references to it in the code. Generally spammers probably just add URLs of known MT/WordPress/whatever installations into their database and spam them all at once. If the default comments CGI file was renamed, that would no longer work, while it would be transparent to proper users.
    Or am I missing something?

  5. Ciaran – I renamed my mt-comments.cgi file and I still get hit. Richy’s idea of requiring a hidden value, like DMOZ’s ‘parsely’ function, is a good one but I don’t know if I have the technical expertise to pull it off.

  6. i’ve been using mt blacklist 2.0b and i hadn’t received any spam for a long time. but in the last week, i’ve gotten three that have slipped through.
    all three use real names, all three have some sort of “hey, what’s up” or “hello” message, all three comments are on the same post, and all three point towards domains that don’t exist.
    is that even considered spam?