Thursday, September 28, 2006

Time to Rally the Anti-Spammers

After the demise of Blue Security and this recent meaningless default judgement against SpamHaus, the spammers are getting braver and bolder by the day. Now, one of the most vocal anti-spammers around, SpamHuntress, has recently come under attack after exposing a few people that really didn't want to be exposed.

Even one self-professed blackhat SEO web spammer has the audacity to tell SpamHuntress to "get a life" because she must be cutting into his livelihood. Maybe I'm just too lazy, but who would've ever thought of registering for a bunch of forums and never posting as an SEO tactic? Using his DISY registration spamming script probably sped it up and he's busy making friends [scroll to bottom] as well.

OK, so now the phpBB people will need to be alerted to add NOFOLLOW to all those links in the registration page to stop this SEO vulnerability, but I digress, will rant about that later.

Unlike email spam, which is a real pain in the ass to stop, there is absolutely no reason we have blog, forum or guestbook spam whatsoever except for shitty programmers writing the stuff and people using it that either:

  • have abandoned their websites or forgotten that old guestbook or blog now littered with junk
  • aren't aware there is a problem as many spambots post on older threads
  • don't know there are solutions to these problems
  • aren't capable of installing the patches even if they are aware of the solutions
I've posted before how I stop spam on all my pages that have forms for submitting a variety of things, WITHOUT the use of captcha's, and although it's a pretty draconian approach to the problem it's also highly effective. My solution was to simply reject any posts with embedded HTML and URLs, just bounce them with an error about the content, and it works 100% against real spam. Maybe it's a tad extreme but when this type of spam is dead maybe I'll open up my sites again to more robust content posts, you never know.

However, for those that like to continue to do things the hard way, here's a list of software you can install to stop the spammers:
I'm going to ask that people reading here help the cause and start educating everyone you run across with a blog or forum being overrun by spam.

Please point them to a resource to solve the problem or offer to help them add the plug-ins pro-bono or for a nominal fee if they don't understand how, or if all else fails alert the host to help sites overflowing with spam and see if they'll be of any assistance.

Don't forget, the purpose of these spammers is to drive direct traffic and also get results in Google so when you stumble upon these sites in Google, make sure you file a Google Spam Report while you're there to get them whacked from the search results.

We can stop this in the next year or two, as long as people quit being complacent and just install the upgrades, patches, captchas and other anti-spam tools.

Spread the word, let's just get this done so we can stop talking about it already!

No comments: