Pat Gunn (dachte) wrote,
Pat Gunn
dachte

On Blocking BLOGSpam

I get a fair amount of spam on my blog, and as a result whenever I get a decent amount of it gathered, I look at the apache logs and try to find ways to block it. Methods I've used, along with how much I think they're chopping things out:

  • Block individual IPs at the iptables level from all communication with my machine - I'd guess this chops out about 10% of my spam, but it's hard to know because I don't get logs of any sort from these attempts.
  • Reject comments where the IP of the machine that gets the comment form differs from that which posts the form - This cuts out the majority of my spam (probably about 75%) - it's not unusual for me to see the form retrieved from thailand and posted from china (or other similarly distant places. This has a cost - any proxy pools won't be able to comment on my blog (chopping out AOL at least). That's fine by me.
  • Keyword-based rejections - blocking mention of viagra, cialis, and a number of other products that spammers like to mention cuts out about 10% after the above.

Things I am considering doing:

  • Block Tor. In recent times, I've come to the conclusion that tor is a bad thing (it diminishes responsibility for one's computer), and I found a nice set of scripts to find IPs that would likely talk to my servers as tor proxies. I probably would just block tor from posting, as I don't like the idea of automating things that talk to iptables.
  • Block all of China, Korea, India, and other asian countries from commenting. I've only once had a proper comment from outside the Americas and Europe, and the majority of my spam comes from IP addresses in that sphere. This is definitely just WRT comments - I know I have readers elsewhere in the world.
Right now, about three bits of spam make it in every day.

I'm not currently looking at CAPTCHAs - it'd take some effort to implement, and would not stop the poor people who are paid to spam from doing so.

Slightly orthogonally, I found this on the topic of email spam. I've never seriously thought about such a system, but I've been on an anti-spam kick for the last few weeks...

Tags: blog
Subscribe

  • JS Ugliness

    I'm weirded out that standards for Javascript programming are so low. Having made a more-or-less a successful first project, where I really rushed…

  • Controversial Opinions in Programming

    I like that recently there's been a meme floating around, started by one good blog post that got a lot of airtime, of posting and then talking about…

  • Firefox and Clipboard-clobbering

    I often find that my PRIMARY clipboard (the one associated with mouse selections in the X Window System, not to be confused with the CLIPBOARD…

  • Post a new comment

    Error

    Anonymous comments are disabled in this journal

    default userpic

    Your reply will be screened

    Your IP address will be recorded 

  • 0 comments