Some time ago, I noticed the traffic on this site dropping off rapidly. Continue reading
A simple hint for email administrators everywhere. If you have a large number of users with unique sequential ID numbers, it may be tempting to use that ID as a primary email address, or an alias, but don’t do it. It’s an open invitation to spammers to target your users with the minimum of effort. Once they know one number in the sequence they can quickly find two more addresses by adding or subtracting from the first. Before long, with kinderarden maths they’ve guessed every email address and can proceed to spam them all. Today, I was automatically registered for one of Portsmouth Uni’s Google Apps accounts. It comes complete with an email address that is sequentially numbered. As a consequence, having never sent a mail with the account, and having never logged in until today, I found in my inbox, five, beautiful blinking pieces of spam. Years ago when we were setting up the email addresses for vodafone.net, the powers that be in Vodafone were really keen to have email@example.com as the email address format. We advised against it, strongly. We did sharp intakes of breath. We did furrowed brows. We did reverse psychology. Everything. The light was seen, and sanity and happiness was maintained, at least for a few months, then they did it anyway. I wonder how those vodafone.net accounts are doing now.
Right now, there’s limited information on reputable news sites regarding the earthquake/tsunami that occurred south of Samoa yesterday. To find more, I turned to Twitter (and its open source equivalent identi.ca). Disseminating live news from witnesses, moments after a major event, is the most compelling feature of such services, but both failed me. Not in the fail whale sense. Both sites were technically operating at 100% normal status. It was the content. Continue reading
It’s only 15 months since I mentioned the rocket-like acceleration of Akismet which went from a standing start to the point where it had fended off a million spam messages for its users in just 4 months. If things had continued at that pace it would have squashed a cool 5 million spams by now. Continue reading
My spam counter in Akismet has been steadily rising of late, and it’s been approaching 10,000 caught spams very quickly. Yesterday it went through 9,950 and with my average of over 100 spams per day it should have gone through the 10,000 barrier by now. But instead I’ve had about 3 spams today. Did I just find an off button for spam? Continue reading
This last few weeks the site has been very heavily hit by comment spammers hawking their usual reprobate websites and wasting internet bandwidth. Akismet has been doing a sterling job of catching this spam and not one message has made it onto the site (I wrote about Akismet’s effectiveness in the pre-launch testing previously). In the bad old days before Akismet I’d have to go through the “unmoderated comments list” in order to find the occasional real comment amidst all the spam, this is no longer necessary, which is wonderful. Comment-Spam-Nirvana has not been reached yet, however. Continue reading
This website – like any website that allows readers to submit comments – receives comment-spam, usually advertising medicines, gambling, or other vices.
Hopefully I just spoiled a spammer’s whole week. How? I bought the domain that he’s trying to promote (MyNiceMailAt.com) before he did. Continue reading
I think this may be a mildly new twist on email and referral spam: using referral spam to advertise a message that’s stored in an unused public newsgroup, thus avoiding spam filters. Continue reading
Referral and Comment spam continues unabated, with several new domains this week, and several new machines doing the spamming. Here I present two regularly updated URl’s that list the domains and ip addresses of the machines that are hitting me, and the two scripts that generate them. Continue reading
A couple of years ago, a web page with an open comment form would have been used for commenting intelligently and considerately on the subject at hand or sending a message to the page author. Then, with the advent of Google’s page rank system, comment forms became the subject of massive misuse, because pagerank gave a higher rank to web pages based on the number of times they appeared on other sites. Spammers would use automated tools to mercilessly link and relink their sites on any and every open form. Having a high pagerank means coming first in search results, which for a commercial site equates to more sales: so comment spamming had rich rewards. Continue reading
Over the last few days the referral spam tide has ebbed and flowed: for about a week, everything that came in was pointing to doobu.com, then today, there was a definite change in tactic as 15 new poker related domains (see the existing story on referral spammers for the updated table of details) were added to the ever growing list. Continue reading
Today I’ve stopped getting hit by named domains for referral spam. At first glance this sppears to be good news. Continue reading
The “Account Terminated” swamp got a little muddier over the last few days. Continue reading
I’ve recently been getting “referrer spam”. What happens is this. A program, somewhere, on some zombie computer, visits my website and when it does so it wells my webserver that it was directed to the site from website-x. Continue reading