Comment spam
Checking my mail this morning I saw 402 new mails in my Blog folder. Scanning the headers I quickly realized that this was just another comment spam attack. I'm running Movable Type as my blogging software and also have the MT-Blacklist plugin. And MT-Blacklist had forced moderation of 400 these comment spams. So the users of my blog didn't see any of these comment spams. Thanks MT-Blacklist. But I still have scan through all the comments checking to see if there's any valid comments in between and then deleting all those not valid. The comment spams are getting smarter and smarter so the comments aren't made from the same IP. They all come from different IP's. You can check my blog status here.
Currently the best method to avoid comment spam in Movable Type installations is to use the MT-Blacklist plugin. But there are other methods that you can use. Or perhaps combine to get even better protection.
Bayesian filter for MT
You will train your MT blog to learn about spams. The system started off quite dumb but as you train it, it will learn and become better at identify spam. Once it is sufficient trained, it will require little or no further maintenance. Training is just a fanciful word. What you are actually doing is blacklisting and whitelisting, except the system takes the whole content (not just IP or host) into consideration. Using these blacklist & whitelist which you tell it, it will attempt to guess (fuzzy logic) if other comments or pings are spams too.
MT-DSBL - Open proxy comment filter
This means that if your IP address is on a list of known open proxies (mostly used by email spammers, but recently by comment-spammers as well) you will not be able to post comments.
MTCloseComments
When executed this tag will change all open comments to closed comments on posts that are too old. This is controlled by an attribute on the tag or by the number of days for the main index.
SCode - Solution for comments spams
To cut the story short, I wrote a plugin to MT that will verify if it is a human before it allows comments to be posted. The idea is pretty simple: Display an image with a Security Code and demand the user to enter a Security Code manually before allowing posting to go through.
Ads:
3 Comments
Henrik, have you read Jay Allen's article about how to get the best out of MT-Blacklist? (http://www.jayallen.org/comment_spam/2004/12/getting_the_most_out_of_mtblacklist) . You might find that it'll block outright more of the spam rather than simply moderating it.
Comment by Neil T. at December 26, 2004 09:10 PM | Permalinkin my case close to 100% of comment spam comes in through open proxies. i developed mt-proxyplug to make sure that nobody behind an open proxy can submit comments to a blog. take a look at http://www.kahunaburger.com/blog/archives/000192.html
I switched to another blogging tool, but my old MT blog still attracts comment and referer spammers. It went even outrageously worse: See here.
Comment by alfons at December 26, 2004 07:52 PM | PermalinkI wonder how many other people have suffered these kind of MT targeted DDOS attacks.