[pmwiki-users] How To Help Fight Spam on PmWiki.org
Crisses
crisses at kinhost.org
Mon Oct 2 08:12:37 CDT 2006
On Oct 2, 2006, at 8:48 AM, Thomas -Balu- Walter wrote:
> On Fri, Sep 29, 2006 at 01:30:58PM -0500, Patrick R. Michaud wrote:
>> As far as dealing with dynamic IPs; I'm not too concerned yet
>> about the difference between IPs at the /24 netmask level.
>> I.e., if someone at 24.1.26.127 posts spam to the board, then
>> it's fine for now to go ahead and block everyone at 24.1.26.* .
>> As far as I know it hasn't posed a real problem in terms of
>> blocking legitimate posters, and if it does we'll deal with
>> it then.
>
> You might even hit all users of a proxy when adding just a simple
> IP not
> mentioning a /24 block.
>
> I'm usually against punishing many if one does stupid things.
PmWiki(.org) is rather international. I have mainly English-speaking
only people on my sites, some are geared not only towards US-only,
but LOCAL only -- as in maybe the "Tri-State Region" of New York, New
Jersey and Pennsylvania or Connecticut -- maybe even more local than
that. When the case is that I don't need people from the entire
planet on my site, and much of my spam is coming from other
countries, I just need to check the country the IP block is coming
from. Then I can wildcard out the ###.###.###.* block where the
offender is. If his/her IP address changes, they probably still
can't get on my site. At least until they hijack my next door
neighbor's Windows machine ;) It's a hack against hacks. No one
thinks it's perfect, but there are people deliberately trying to mess
around with us, and some of them are desperate, diligent or creative
in their approaches. It's always us reacting against them when they
find a new hole to exploit. I consider wasting people's time a
mortal sin, because no matter who you are or what religion you're
from, it all boils down to each of us having only so many minutes in
this life and these *@)@#)#{#{@(@{@(#@&&$&%$##{ are wasting our
finite precious time.
> IMHO the first countermeasure should be to use the spamvertised domain
> to block those bastards - perhaps even adding those to some of the
> external blocklists?
I did this -- eventually I ended up with a blocklist only a few
thousand lines long. You can see a sample of it on the Blocklist2
page. There are some IPs of some particularly diligent persons, and
a HUGE list of domains and drug words. It ground my site(s) to a
halt. I couldn't do that anymore. Now I use a much shorter
Blocklist with the link validation (ApproveURLs)
> Balu
> PS: While playing around with my new wiki I thought of adding some
> unprotected honeypot-area to collect those domains.
There are endless people suckered in to SEO optimization scandals.
One way those -- as you put it -- bastards help raise the ranks of
their paying customers is to spam our wikis with their links. There
are probably a hundred thousand sites buying in to unethical SEO
practices -- and I can't believe those people are making money on
something that probably won't work. I have a ton of emails from
blocked wiki posts if you'd like to see some of the results of
capturing attempted postings. there is no need to set up a honeypot
-- just follow the Blocklist2 recipe instructions to have failed
attempted postings emailed to you. So many were blocked on the drug
names that I didn't need to add the domain names to my blocklist.
You don't want a blocklist a hundred-thousand lines long ;)
Crisses
More information about the pmwiki-users
mailing list