« 20,000 spam attempts per day (and counting)
Where did the Flickr Schwag go? »
Jun 26 2006

Antispam Update

Posted by: dnorman in Uncategorized, tags: , , ,

The spammers started trailing off not long after I wrote the previous post - before hitting their target of 20,000 spam attempts in 24 hours. They punked out at about 18,000 - then I closed the door with the Bad Behavior module.

It was kind of interesting leaving the spammers swarming around my blog as a honeypot, but the load was just getting annoying. Since enabling Bad Behavior, Akismet has had to deal with less than a dozen spammers getting through in about 24 hours - and I haven’t had to deal with (or even be aware of) any of them. That’s a wee bit of a change…

Bad Behavior makes me a bit nervous though, because it is rather unforgiving by design. If it thinks you’re a spammer, or if your IP has been used by a spammer, you’re locked out. No second chances. That’s good, but it’s also a bit authoritarian. There’s also no admin interface for it, so if I want to unblock someone, I have to dig around in the database to nuke the appropriate records.

I’ll keep an eye on things, but it’s pretty cool knowing that this blog could handle a pretty intense load without breaking a sweat, that spammers will not be getting in, and that it takes basically no effort on my part to maintain things. Very cool.

This entry was posted on Monday, June 26th, 2006 at 12:33 pm and is filed under Uncategorized.You can follow any responses to this entry through the RSS 2.0 feed. You can skip to the end and leave a response. Pinging is currently not allowed.

5 Responses to “Antispam Update”
  1. Heather says: June 26th, 2006 at 12:59 pm

    D'Arcy I'm curious, if you were still with WordPress would you still be using Spam Karma2? I've found it quite helpful.

     

  2. dnorman says: June 26th, 2006 at 3:28 pm

    Heather - I’d likely still be using SK2. I had no reason to move away from it. It was/is quite bulletproof as well. If only there was a Drupal port… :-)

  3. jdw23 says: June 26th, 2006 at 3:58 pm

    Hi D'Arcy!

    I've been following your recent posts as I will need to install anti-spam software on my site soon. My question: are you running Akismet and Bad Behavior together? I was under the assumption that they were separate solutions for the same problem; I didn't realize they would work in conjunction together. Any chance you could briefly outline the benefits or reasons for using each, and why one might want to use them together?

    Thanks!!!

    Jon

     

  4. dnorman says: June 26th, 2006 at 4:04 pm

    I’m (currently) running both Bad Behavior and Akismet.

    Occasionally, an evil spammer resorts to manual spam entry - using a regular browser to paste their stuff in. I think they do this to test the antispam software on a site. That type of spam will likely (hopefully) get past Bad Behavior, since it will look like any other valid user.

    For those, Akismet cleans up what gets through. It seems like a pretty solid combination - two wildly different approaches to antispam, filling in each other’s gaps.

  5. greggles says: July 4th, 2006 at 11:32 am

    One idea you could try as an improvement to BadBehaviour is to add a cron hook that deletes IPs from the address after a certain amount of time.  That way you punish a spammer who is targetting your site, but then, maybe a week later, that IP is un-banned from your site.  This way if it was a compromised home machine or a dynamic IP that has been reallocated or whatever then the legitimate visitor no longer has problems.

     It's the "tit-for-tat" game theory solution: if you are wronged by someone else then quickly respond in kind by being harsh to them, but also be sure to forgive quickly.

Leave a Reply

Readers who viewed this page, also viewed:

  • N/A
Creative Commons License
This work is licensed under a Creative Commons Attribution 2.5 Canada License.