Thread

Sorry yet another spam related question.

So for those of you who may know while I seem to have solved most of my spam problem there is still a small, if constant, flow of comment spam.

I have Akismet installed so its not really a problem but while vetting the comments I’ve noticed that most if not all the comment spam getting through is attached to one particular post.  Now I can not work out why.  Its not a particularly new post so I’ve been wondering why.  Same Person/people/computer/computers/network…..? maybe?

So I ran the related IP addresses of the last few though the IP to Nation module.  4 different spam comments to the same blog post.  4 different countries (Brazil, Israel, US & India).  2 of which have exactly the same nonsensical email address, possibly a third which is so similar (one number different) that I think is from the same network/person, whatever…

I might add the nonsensical email addresses are becoming as familiar to me and as big an alert that screams ‘it must be spam’ as seeing the blog entry its trying to attach itself to since I’ve been deleting comments with that email address for the last couple of years. Even if it is with different IP’s.

Is there any point in manually typing the IP addresses into the blacklist?  Could they be as fake as the email addresses and names?

IP addresses are a lot more difficult to fake (the technical term is “spoof”) than email addresses, but it’s not impossible. That said, you can certainly add the mail address to your blacklist as well.

I, too, get certain older entries sometimes that are particularly prone to being spammed. I generally disable commenting on those, and more often than not 30 days after the initial post date as well.

I generally disable commenting on those, and more often than not 30 days after the initial post date as well.

Thanks for the input ingmar I didn’t realise I could do that.  Now I just have to work out how.

I’ll try adding the IP’s and emails to the blacklist and see if that works.  I guess its worth a try anyway.

Try the Accessible CAPTCHA extension as an additional line of defence.

I’ve found it filters out the majority of bots and used in conjunction with Akismet is pretty good.

you can certainly add the mail address to your blacklist

Which section would I add the email addresses to?  My blacklist has a section for IP addresses, URL’s and User Agent’s…

Thanks for the suggestion of the Accessible Captcha extension George I’ll look at giving it a try.

See CP > Admin > Weblog Administration > Weblog Management > Edit Weblog > Comment Expiration:

The number of days after an entry is posted during which to allow comments. Enter 0 (zero) for no expiration.

The problem with ip tracking and comment spam is that much of it is done by infected computers. they aren’t the real spammers, just the victims

I have rather limited sympathy for such zombies, but of course it’s true, much of todays’s spam comes from such bot nets. Still, nothing wrong with banning their IPs.

I have rather limited sympathy for such zombies, but of course it’s true, much of todays’s spam comes from such bot nets. Still, nothing wrong with banning their IPs.

Very true. I actually go a step further. I go to the server itself and i ban oountries from the firewall. russia, india, etc.

I try not to ban entire countries because of a handful of spammers. True, a lot of spam comes from Russia, but that doesn’t mean that all Russians are spammers. The largest percentage of email spam, by a surprisingly wide margin, still originates in the US.

So the spam is most likely coming from a computer with a virus or something?  Even if they do not know it they or there computer is still bombarding my site with spam.  I’d rather ban them than blame an entire country.

Are the comments self generating or are they usually comments they have made on someone else’s site or taken from something the ‘victim’ has actually written that is then sent out to sites like mine?  Honestly some of the comments are just plain odd.  Everything from praising god to liking the layout and colours of my site…  certainly nothing to do with the post in question.

yeah i hear you. I have a couple sites that get well over 30 million visitors per month. At that point you have to consider the numbers. how many people are going to be coming to my site from russia that are valuable to me? little if any. But i see lots of .ru in my logs that are spam. in those cases is makes more sense to ban the country. I’m not getting a benefit from them being there, but I’m fielding a lot of worthless spam, additional traffic and resource usage to manage it.

but in most cases, i think it’d be overkill, no doubt. it depends on the situation

30 million visitors per month

🐛

my little site gets nowhere near that kind of traffic or the associated spam you would get with it!

In my case, as you suggest, it would be overkill to ban an entire country.  Of course if I ever got that kind of traffic (roflmao)  and related spam :ahhh: I would probably reconsider.