RockertO

Spammers rack off

by rockerto on May.20, 2009, under Pc Tricks

Spammers that flood peoples blogs.

Well firstly, my mom has a problem with spoofers flooding her email server. But by the looks it is not a big bandwidth issue atm, what worries me is how to stop it which i can’t and the word from the wise is that it passes after a few weeks. (we wish) If it was my site i could pull it down offline and appear somewhere else newly hardened, but i can’t do that to her site without troubling her with new login details and such as we not talking again, sigh.

Here is an open relay online test if you run your own server, ours are locked down, but as i know, you could telnet into lots of sites and spoof people all night long, sounds like fun? Well for the kids not connected behind some obscure Russian/Euro  Hacking Business Network, don’t try it at home unless you can hide your ip.

There is no real way to stop spoofing except to delete the messages as they arrive. To accomplish this, you can simply define a filter that will delete messages based on specific values in the email message header.

Well here are a few things about Wordpress i found to help with the tide for comment spam,

  • When it comes to beating automated spambots, nothing beats custom protection.

  • Akismet, which  comes bundled with Wordpress (and also owned by Wordpress’s parent company) is one of the best anti-spam plugins for Wordpress.

  • Have a look at your trackbacks – many a times, what looks like a genuine trackback actually turns out to be spammers’ plug.WP-SpamFree: Relies on the basic assumption that bots either understand javascripts or can process cookies, but max 1% of bot can understand both. This plugin uses a combo of JavaScript and cookies, since most bots choke on them, to weed out the humans from bots, preventing 99% of automated spam from ever getting to your site.

  • There is a guy here with a great list of spammers ip’s addresses which looks current. Another list too.

  • Rickroll them and here’s how

  • I heard that mod_security (and the use of .htaccess) can (at least) help us in fighting spammers. but you need to maintain it. You need to keep updating the regex filter / banned IP address list.

Compared to email, with SpamAssassin etc, website’s defenses against spammers are still not that robust yet.

I’ve setup SpamAssassin, and after tweaking it for a while, now I can forget about it. There’s no such thing yet for websites unfortunately.

:, ,

Leave a Reply

Looking for something?

Use the form below to search the site:

Still not finding what you're looking for? Drop a comment on a post or contact us so we can take care of it!

Visit our friends!

A few highly recommended friends...