Some time ago, I noticed the traffic on this site dropping off rapidly. Continue reading
Tag Archives: Spam
Sequential Email Addresses are Silly
Leave a reply
A simple hint for email administrators everywhere. If you have a large number of users with unique sequential ID numbers, it may be tempting to use that ID as a primary email address, or an alias, but don’t do it. It’s an open invitation to spammers to target your users with the minimum of effort. Once they know one number in the sequence they can quickly find two more addresses by adding or subtracting from the first. Before long, with kinderarden maths they’ve guessed every email address and can proceed to spam them all. Today, I was automatically registered for one of Portsmouth Uni’s Google Apps accounts. It comes complete with an email address that is sequentially numbered. As a consequence, having never sent a mail with the account, and having never logged in until today, I found in my inbox, five, beautiful blinking pieces of spam. Years ago when we were setting up the email addresses for vodafone.net, the powers that be in Vodafone were really keen to have your-phone-number@vodafone.net as the email address format. We advised against it, strongly. We did sharp intakes of breath. We did furrowed brows. We did reverse psychology. Everything. The light was seen, and sanity and happiness was maintained, at least for a few months, then they did it anyway. I wonder how those vodafone.net accounts are doing now.
Probable Trust
Right now, there’s limited information on reputable news sites regarding the earthquake/tsunami that occurred south of Samoa yesterday. To find more, I turned to Twitter (and its open source equivalent identi.ca). Disseminating live news from witnesses, moments after a major event, is the most compelling feature of such services, but both failed me. Not in the fail whale sense. Both sites were technically operating at 100% normal status. It was the content. Continue reading
Worst Offenders for WordPress 2.5 – Pre-Alpha
I’m in the process of rewriting the Worst Offenders plugin for the soon-to-be-released WordPress 2.5. Before I make a tested and polished version of the code globally available, I’d be interested to hear from anyone who’d like to alpha test it.
As before Worst Offenders works cooperatively with other anti-spam plugins: its primary purpose is identifying and deleting the comments that are 100% definitely spam (sent by the very worst offenders) so that any “false positives” (sent by real genuine humans) can be rescued from the spam bin! Continue reading
Akismet Billion
It’s only 15 months since I mentioned the rocket-like acceleration of Akismet which went from a standing start to the point where it had fended off a million spam messages for its users in just 4 months. If things had continued at that pace it would have squashed a cool 5 million spams by now. Continue reading
Akismet htaccess extension
My spam counter in Akismet has been steadily rising of late, and it’s been approaching 10,000 caught spams very quickly. Yesterday it went through 9,950 and with my average of over 100 spams per day it should have gone through the 10,000 barrier by now. But instead I’ve had about 3 spams today. Did I just find an off button for spam? Continue reading
Akismet Worst Offenders Extension
This last few weeks the site has been very heavily hit by comment spammers hawking their usual reprobate websites and wasting internet bandwidth. Akismet has been doing a sterling job of catching this spam and not one message has made it onto the site (I wrote about Akismet’s effectiveness in the pre-launch testing previously). In the bad old days before Akismet I’d have to go through the “unmoderated comments list” in order to find the occasional real comment amidst all the spam, this is no longer necessary, which is wonderful. Comment-Spam-Nirvana has not been reached yet, however. Continue reading
Analysing MyNiceMailAt.com
I’m hoping to spend some time over the next ‘n’ weeks understanding the data generated from the mynicemailat domain, though I’m a bit busy with real experiments at the moment, so I intend to do it by thinking aloud here as I get the opportunity. Continue reading
Akismet – Comment Spam Killer
This website – like any website that allows readers to submit comments – receives comment-spam, usually advertising medicines, gambling, or other vices.
I’ve been trialling a new anti-comment-spam plugin since mid September. It’s called Kismet, it’s from Automattic, (hence Akismet for short) and it’s working very well. Continue reading
Spammed by MyNiceMailAt .com
Hopefully I just spoiled a spammer’s whole week. How? I bought the domain that he’s trying to promote (MyNiceMailAt.com) before he did. Continue reading
Spam Indirection
I think this may be a mildly new twist on email and referral spam: using referral spam to advertise a message that’s stored in an unused public newsgroup, thus avoiding spam filters. Continue reading
Latest Referral Spam Domains
Referral and Comment spam continues unabated, with several new domains this week, and several new machines doing the spamming. Here I present two regularly updated URl’s that list the domains and ip addresses of the machines that are hitting me, and the two scripts that generate them. Continue reading
Curious Referrals
An article on SpamHuntress.com got me thinking laterally about some of the referral stats I’m seeing, and I’ve started to notice something curious. Continue reading
Comment Spam, RIP soon?
A couple of years ago, a web page with an open comment form would have been used for commenting intelligently and considerately on the subject at hand or sending a message to the page author. Then, with the advent of Google’s page rank system, comment forms became the subject of massive misuse, because pagerank gave a higher rank to web pages based on the number of times they appeared on other sites. Spammers would use automated tools to mercilessly link and relink their sites on any and every open form. Having a high pagerank means coming first in search results, which for a commercial site equates to more sales: so comment spamming had rich rewards. Continue reading
Extending StatTraq and Spam Control
I spent a while chatting with StatTraq author Randy Peterman over the last few days, we’re both interested in how to remove (or hide) referral spam from site usage statistics in order that they may be a realistic and meaningful reflection of actual human visitors. Continue reading
15 New Referral Spam Domains
Over the last few days the referral spam tide has ebbed and flowed: for about a week, everything that came in was pointing to doobu.com, then today, there was a definite change in tactic as 15 new poker related domains (see the existing story on referral spammers for the updated table of details) were added to the ever growing list. Continue reading
New Referral Spam Tactic?
Today I’ve stopped getting hit by named domains for referral spam. At first glance this sppears to be good news. Continue reading
Another Light Analysis of Referral Spammers
The “Account Terminated” swamp got a little muddier over the last few days. Continue reading
A Light Analysis of Referral Spammers
So; more tales from the “Account Terminated” swamp. I’m looking through my referrer spam from the last 24 hours and I decide to do a little whois checking. Continue reading
Referrer Spam
I’ve recently been getting “referrer spam”. What happens is this. A program, somewhere, on some zombie computer, visits my website and when it does so it wells my webserver that it was directed to the site from website-x. Continue reading
