The evil spammers have websites listing blogs that are ripe targets for their filthy spam, so it’s only fair that we also share ways to successfully beat them back into submission. I’ve been using Akismet pretty much exclusively on my blog since switching back to WordPress. It’s been pretty good, but sometimes goes into “large-bore [...]
I got word back from Akismet that using it on UCalgaryBlogs.ca to protect all of the blogs hosted there falls under the free license, despite the wording on their website that suggests it’s an enterprise use. This means I’m now able to protect all blogs on the service with Akismet, without requiring a Captcha challenge.
The [...]
I just got confirmation from Akismet that I can use the antispam service for free on UCalgaryBlogs.ca – early next week I’ll figure out how to mu-plugin ify it, and hardcode the keys and links so everyone’s covered automatically by Akismet. Sweet.
I’d missed the news, but the latest version of the Akismet plugin for WordPress includes some tasty stats. As with all things statistical, there’s a few ways to read the numbers, and there are some anomalies (ferinstance, it claims I had a few days of over 1000 ham i.e., valid comments per day and that’s [...]
Mollom’s been doing a simply outstanding job of blocking spam lately, after the warm-up period. Unfortunately, it appears to be doing a bang-up job of blocking legitimate, breathing humans who are trying (and failing) to comment. I’m moving antispam back to Akismet for awhile, and am hoping it’s just a growing pain for Mollom – [...]
I just got this spam on my blog – it got through Akismet, as so many spams do lately, but it’s worth posting (at least in image form so the spammer doesn’t get any juice from it):
And, yeah. I hit the “Spam” button to file this in /dev/null even if the guy was honest(ish). I’m [...]
My blog has been receiving spam in what looks to be a new wave of spam attacks. First, the spammers seed the whitelist by posting apparently innocuous comments with no URLs, or with a URL that doesn’t contain spam. Then, once they’re in, they wait a bit and then throw the switch. The spam starts [...]
After switching from BadBehavior+Spam.module back to Akismet, I assumed I’d be in for a bit of an onslaught of spam. I was braced for impact. I can’t believe the sheer volume of sustained attempted spam comments that are constantly being flung against this blog, 24/7 now. It’s peaked at several attempts per second, which was adding a bit of a load to the server as it struggled to thwart the forces of evil.
Shortly after switching to Akismet, and enabling the experimental spam detection, I was seeing this:
Now, that might not look like much, but it suggests that Akismet was having to reject attempts several times per minute. Fast forward 24 hours, and I see this:
Again, not looking like much, but the interval between Akismet interventions is getting longer. Either the spammers are slowly starting to give up, or this is just a natural lull. I mean, there can be several minutes now without an attempted spamment posting. Entire minutes!
Now, the downside of Akismet is that I can’t use it on any of my campus projects. The cost of licensing Akismet for the number of sites we have would be prohibitive, given our budget asymptotically approaching zero dollars (CDN).
OK. Even I am getting sick of the incessant "spam blocking update" posts, but I figure if it helps even one other person put the brakes on the attempts of the evil spamroaches, it's worth it.
So, here's the latest. I got frustrated with the number of spamments that snuck through the combo of Bad Behavior and Spam.module, so I disabled both. I've reverted to using only Akismet.module, with the experimental spambot detection/prevention enabled.
And, so far, it's doing a better job at blocking the roaches. I've got no idea if it's also blocking legitimate hu-mans, though.
One nice thing about Akismet.module vs. spam.module – with Akismet's experimental spambot prevention, it's closer to acting like Spam Karma 2, where if you smell like a roach, you don't even get close enough to pop the lid off your can of spray paint.
I'll have to look into updating Akismet.module for Drupal 5. There's really no sense in actually moving to D5 without spam blocking. That'd be kind of silly.
As an aside, I was looking through some of the logs, and found an interesting user agent, which led me to the product website for one of the evil spam roach comment bot factory applications. They have disclaimers on the site saying they don't condone using their product without the permission of the blog owners. What? Permission? What a frakking load of ass-covering crap that is. Yeah. You're going to give someone permission to aim a program titled "Blog Post Uzi" – because, you know, Uzis are all warm and fuzzy, and the kind of thing that friends give permission to other friends to point at each other. Yeah. Permission to spray the output of a concealable assault gun. Whatever. Karma's going to catch up to you in spades, my friends at Promo Arsenal (dot com).
I was just clearing out the last of the comment spam – I'd let it stew in the database (unpublished) but thought I'd take a quick peek to see if there were any false positives. I thought I'd found one – a comment marked as spam, but with content portraying sympathy with my plight against these spammers – that they must be stopped.
A Spammer Responds (screenshot): This spam roach was trying to get whitelisted by commiserating on the evils of spammers… It didn't work – Akismet sniffed it a mile away.
So, without thinking, I clicked "submit ham" – to tell Akismet that it was a bona fide comment. Then, I checked the URL to see which friendly blogger was commenting.
And got a spam site.
The spammer was trying to get through the filters by reading my recent post and trying to get whitelisted by posting something not spamish at first glance. But, Akismet had stopped him in his tracks – until I clumsily intervened. It's now re-flagged as Spam, and banished to that special inner circle of hell reserved for these roaches.
