When reading through my log files too see how my spam filtering was performing, I realised that today I had blocked 40 spam attempts and none got through! Most of them was not actually blocked by phpSnatch, but was in fact blocked by the “max. 5 links per comment” rule.
In your face - you fucking, slimy, fat-ass, jerk-off spamming sons-o’-bitches!
phpSnatch or not, it’s nice to see, that it is actually possible to protect oneself against most of the spam. I just hope they won’t start posting X posts with 5 links in them, instead of just one huge post… But I guess I’ll just have to wait and see — and hope they don’t actually read my blog, ’cause then I’ll just have given up the secret.
Only one thing really nags me. These spam attempts seems pretty coordinated. Every attempt is made with intervals of approximately 35 minutes in waves lasting 20-22 hours. Not many of the IP addresses resolved to any valid hostnames - neither did they respond to ping probes. It’s not like I’m thinking that they are directly targetted against me, but it does appear like either a cronjob or some sort of worm.
If anybody knows something about this kind of spamming, please feel free to comment on it or email me, ’cause as you can plainly see, I’m not really that much into it, I’m just fighting to keep it off.
Turns out I forgot to activate/implement all my new fancy spam filtering, so I just had the pleasure of removing 43 spam comments from the database. Now I hope my new filters can keep them out, if not, then I guess I’ll just have to implement some sort of “type the text in the image” for the comments, ’cause there’s no way I’m letting my blog become a target of more spam.
I’m currently implementing phpSnatch, but it will probably take some time before I get the spam score threshold adjusted right.
Finished up on the first release of phpSnatch (0.1) and now it should be ready for use. I’m not saying it’s stable or anything, but it should work. (Again, test it at: http://penguins.linux.dk/phpSnatch/test.php.)
On my server it’s a little slow, since SpamAssassin isn’t the fastest thing on the earth, but it might differ very much from your experience. Please try it out and give me some feedback on it.
I’m probably going to dedicate a page on this site to it later, but as of now I’ll concentrate on developing it. So for now you’ll have to live with the README in the package, which has an example of use and installation instructions. You can also view the README through the Subversion repository.
Sat down for a couple of hours and hacked this together: phpSnatch. It’s a Content Spam Filter, designed to scan e.g. blog comments, forum posts, wiki-entries and assign them a spam value, which the coder then can implement a reaction to (e.g. a block, notification, move to moderation queue or something completely different). It uses the almighty SpamAssassin for scanning and assigning Spam Points. It works by creating a temporary mail file (yes, a simple mail-file), which SpamAssassin then scans and reports back on. The output from SpamAssassin is then parsed by phpSnatch and can easily be handled by any PHP script.
A demonstration of this early pre-alpha-beta-unstable-rev9 non-release can be found at http://penguins.linux.dk/phpSnatch/test.php where you can try entering some values and have them estimated. The source code for the scanning process can be seen at http://penguins.linux.dk/phpSnatch/scan.phps.
As you can probably see it’s very simple to use, but things might be a bit unstable here in the beginning, so of course, there’s absolutely NO WARRANTY should you choose to use it. The author takes ABSOLUTELY NO RESPONSIBILITY FOR ANYTHING.
It’s free as in speech AND as in beer, so feel free to do whatever you want with it, just don’t blame me if something doesn’t work as expected or if it screws up anything.
Just installed WordPress for Solveig [da] and realized that WordPress blocks spam by counting links in the comments. (Now, why didn’t I think of that?!?) So from now on - as soon as I get this implemented, that is - any comment with more than 5 links in it will be brutally slain, deleted, redirected to /dev/null, killed, banned, busted, maculated, obliterated, destroyed and even more killed…
I guess that won’t protect me from all comment spamming, but it certainly would have stopped those suckers mentioned in my last entry.
Please let me know if you hold the secret to the ultimate spam blocking - if you’re willing to share it of course. It’d be most appreciated.