Blog spammers - how to identify, hunt down and kill them

[roymond]

I realize this forum is generally about music stuff, so JB, feel free to move/delete it as appropriate (not that anything would stop you)...

My websites offer readers/listeners to leave comments. Comment spammers attack on an hourly basis. I changed the script name and did some other tweaks with the hope that the spam spiders from hell would be held at bay. They were! For almost a week. Then it all started again. I may try to find the time to implement one of those CAPTCHA turing validation systems, which will block some visually impared people. I don't want to make people register, but that may be necessary as well.

In the meantime, <b>does anyone know how to track these bastards down? What weapons can be brought to bear against this low-life scum?</b>

[deshead]

They were! For almost a week. Then it all started again.

There are some other tactics listed on this page: http://www.simong.org/index.php?p=739. (He claims to have stopped the spam altogether.)

In the meantime, <b>does anyone know how to track these bastards down? What weapons can be brought to bear against this low-life scum?</b>

The organized spammers do everything through a network of PCs they've zombified with trojans. These guys are essentially impossible to identify.

The less-organized ones (like the idiot mentioned in the article above) are doing the work manually, clicking on search links and pasting their crap into forms. To paraphrase George Herbert, I get my revenge on these guys by living better than them. I mean, I can't imagine "click, paste, click, paste, click..." is a very satisfying existence.

[jb]

I dunno what to use for Movable Type, but for WordPress I use Spam Karma, and it pretty much completely stopped the flood of comment spam I was getting on my blog.

http://www.unknowngenius.com/blog/wordpress/spam-karma

I suspect there are similar plugins available for the venerable Movable Type.

I'm with you on the wanting-to-punch-them-in-the-mouth front though. I hate comment spammers more than email spammers. If I ever meet one, he or she will be in deep shit.

[brad]

Ditto on the Spam Karma, though they will still try to rape you with trackbacks and the version of SK I have doesn't deal with them. I just shut those suckers off. Referral spam is the only remaining bane of my existence.

[fluffy]

If your MT install is already set to spew out PHP, this little stopgap hack I put together works well: http://trikuare.cx/mt/archives/000410.php

The simong.org thing deshead linked to also has some good stuff on it, though a lot of the ideas might break on some browsers (mostly older ones and screen readers and Lynx and so on). Also, nothing can stop truly-dedicated manual spammers short of removing commenting altogether. The whole "nofollow" debate is pretty moot, too, since it's not like hand-spammers even look to see if the comment they posted actually produces pagerank since all they care about is getting their 10 cents per post or whatever.

I just turned trackbacks off entirely, and while referral spam sucks, I don't look at a general referrer log anyway (I have a bunch of scripts to filter out the more interesting stuff, which just happens to filter out most referral spammers as well since most of them don't attack my referrer log in the same pattern as genuine inbound links).