kasia in a nutshell: Spam breeds more spam

January 08, 2005

Spam breeds more spam

As an experiment, I left two typical comment spams in one of my entries (now deleted) only long enough to be archived by Google. I was curious what would happen. In less than 24 hours since the original comment spam arrived the entry was spammed, nay, bombarded with 356 brand new spam comments.

The spammer found my entry via google searching for one of the couple dozen urls spammed in the comment body. Here is a screenshot of what google cache was still showing today. (The spam was actually removed already).

That was pretty fast, wasn't it?

In other words:

Unremoved spam + fast google caching = lots more spam.

Obviously just removing the comments is no longer good enough, time to work on preventing them from arriving in the first place (I have a hangup about using mod_perl, so no mt_blacklist).

Posted January 08, 2005 09:13 PM in Spam sucks
TrackBack URL for this entry: http://www.unix-girl.com/mt/mt-tb.cgi/1434

Comments

On January 8, 2005 11:54 PM Tricia added:

Eeeeks, that's scary! Maybe something like MT-Moderate, set to only 1 or 2 days??

On January 8, 2005 11:55 PM Jeremy Zawodny added:

Interesting. This confirms something I've suspected for a long time now.

On January 9, 2005 03:19 AM Anil Dash added:

This is really interesting feedback, we'll take this into account. And I'll give Jay some more grief about Blacklist not running under mod_perl on your behalf.

On January 9, 2005 06:12 AM david added:

Thats actually pretty smart thinking on the part of the spammer. Being cached in google must of flipped on the "spam more!" light for them.

On January 9, 2005 11:03 AM George Hotelling added:

This sounds like the Broken Window Theory[1] applies to web sites just as much as neighborhoods. Comment spammers will gravitate to poorly tended blogs...

1: http://www.cityofseattle.net/police/prevention/Tips/broken_window.htm

On January 9, 2005 05:48 PM Tom Coates added:

It only kind of makes sense to me. I mean you'd expect them to conserve resources if they're running a script on a computer used for other stuff. But realistically that can't last, surely? Where's the benefit for them in only spamming places where it definitely gets through when the cost of spamming everyone drops?

On January 11, 2005 07:13 PM Schlank Jetzt added:

I think that just blocking domains isn't good enough.
There are virtually millions of spam domains. I believe they use some automated software to post on all the blogs they can reach.

The only reasonable option can be authentication. TypeKey is one of them.

On January 12, 2005 04:49 PM Gavin added:

If i remember correctly, I had gotten mt_blacklist mostly working with mod_perl, and was surprised nobody else tried.

It looked, to me, that it was purely because he was trying to use the CGI module with the Apache object already taking over or something like that.

On January 14, 2005 07:19 PM Tobias Hoellrich added:

I'm convinced that public proxy servers are responsible for 95%+ of all comment spam. If we determine accurately that a comment has been submitted via a public proxy it should help to avoid those 95%+. I'm testing a much better version of http://www.kahunaburger.com/blog/archives/000191.html right now and it looks very promising. As soon as it had a burn-in on my site, I'm gonna post it. It'll run under mod_perl, because it runs under mod_perl on my site :-)

Trackbacks

Jeremy Zawodny's blog:Using mod_rewrite against stupid comment spam bots...
You'd think the comment spammers would be a bit smarter, but apparently not. Over 80% of all attempted spam hits on my site provide no HTTP Referer data. None of them work, of course, because my MT install isn't quite what they think it is (they don't ...
(read more)
January 8, 2005 11:54 PM

angiemckaig.com:i miss the days when spam was lunch meat
Not that I ever ate the stuff - erg - but really, you have to feel for the poor company who makes Spam. As though there weren't enough negative perceptions towards their product, the digital revolution had to happen and now everyone's talking about Spa...
(read more)
January 9, 2005 12:37 PM

The Luney Bin: H. Wade Minter:Broken Window Theory
If you have a blog, then you've certainly experienced comment spam. The same fuckwit spammers who hit your inbox are also going after weblogs, flooding open comments with their wares in an attempt to get their websites highly ranked in...
(read more)
January 9, 2005 02:58 PM

eclinkticism:Spam Target
Spam breeds more spam Unattended comment spam will attract more as spammers search for common spam strings....
(read more)
January 9, 2005 07:53 PM

plasticbag.org:Links for 2005-01-10
What happens to the water-cooler moment when TV is consumed on-demand? Michael Sippey on the creation of episode-based micro-communities for people who consume TV episodes after-the-fact... (categories: michaelsippey postbroadcast television tv tvseri...
(read more)
January 9, 2005 08:35 PM

MT-Blacklist/Comment Spam Clearinghouse:Spam breeds more spam
Although it's been said here numerous times, it's always worth another reminder: If you leave spam spam on your site, you will get a lot more spam. Kasia writes about her experiment to prove it. In essence, by leaving spam...
(read more)
January 9, 2005 10:26 PM

This Space Intentionally Left Blank:Well, There's Spam, Egg, Sausage And Spam. That's Not Got Much Spam In It.
This following link is for those who don't regularly check Jay Allen's MT-Blacklist/Comment Spam Clearinghouse: If you're getting comment spam, the fastest way to get more comment spam is to fail to remove it. In other words, what I'm trying...
(read more)
January 9, 2005 11:59 PM

blog.hardcore.lt:valykitės ūkelius
čia ir čia: kuo daugiau paliekat, tuo daugiau blogio ir nervatriopkės ateina :)...
(read more)
January 10, 2005 06:14 AM

larfs Weblog - oder ists ein Blog?:Spam lockt Spammer
Und gleich noch etwas zum Thema "Spam in Weblogs" hinterher: ein Test von "kasia in a nutshell" zeigt es recht eindrucksvoll: sie hat zwei Spam-Kommentare absichtlich so lange in ihrem Blog gelassen, bis sie bei Google zu finden waren. Das...
(read more)
January 10, 2005 10:13 AM

A Welsh View:Unremoved Comment Spam = More Comment Spam
For those who are unlucky enough to receive comment spam in their blogs, how many remove it within 24 hours? If you ignore it or don't remove it quick enough, maybe you should take a look at this post to
(read more)
January 10, 2005 04:00 PM

readme.blog:Spam Begets Spam
Spam breeds more spam. As an experiment, I left two typical comment spams in one of my entries (now deleted) only long enough to be archived by Google. I was curious what would happen. In less than 24 hours since...
(read more)
January 10, 2005 06:47 PM

beancounters:Why you should delete comment spam asap
Apparantly, they breed like rabbits. [Thx, Robert]
(read more)
January 11, 2005 01:22 PM

***Dave Does the Blog:Spam by any other name ...
So, a somewhat disturbing evolution in the War on Comment Spam -- the stealth URL. And it shows why blacklists will only ever be of limited use as time goes...
(read more)
January 13, 2005 05:42 PM

90% Crud:nofollow
nofollow seems to be the name people are giving for the new anti-PageRank tool, and it's been pretty well received but there has been some criticism. nofollow is not a panacea. Large-scale social problem don't have easy answers, like stopping...
(read more)
January 19, 2005 10:13 AM

车东Blog^2:Google的“破窗”
其实可以用破窗效应来解释：被侵蚀的Google | 破窗理论：如果有人打坏了一栋建筑上的一块玻璃，又没有及时修复，别人就可能受到某些暗示性的纵容，去打碎更多的玻璃。类似的：Spam breeds...
(read more)
February 2, 2005 01:01 AM

车东BLOG:Google的“破窗”
其实可以用破窗效应来解释：被侵蚀的Google 破窗理论：如果有人打坏了一栋建筑上的一块玻璃，又没有及时修复，别人就可能受到某些暗示性的纵容，去打碎更多的玻璃。类似的：Spam breeds m...
(read more)
February 10, 2005 08:37 AM