I’ve been pretty busy at work, so I haven’t done much more work on my auto-firewall code in the past couple of days. But it seems to be holding its own pretty well. Normally, over the course of a few days, my comments database accumulates a couple thousand spams (I check it using Chris Davis’ Spam Nuke plugin). But since activating my new system, the spam comments are down to a trickle, maybe 10% of what it used to be.
This is because the system only allows a few attempts from any particular host before it blocks that host completely, eliminating any further attempts. And of course, it’s rare that any of the first few ever show up anyways, because at least 99% of those are caught the standard WordPress graylist/blacklist functions. (Side note: does anyone have any etymological info about the usage of “gray” vs “grey”? Just curious)
I think I’ve decided to name this project “SpamValve”, because it controls the flow of spam much like a valve controls the flow of water from a spigot.
Related posts:
- SpamValve Download
" I only had a couple of responses to my call for SpamValve testers. One of the testers has already begun using SpamValve on his..." - Some blog spam cases you might want to watch for
" I like to think that I’ve got some pretty decent spam prevention measure in place on my server. My mail server uses RBL/DNSBL services..." - SpamValve Testers Wanted
" I think I’m almost ready to let some other people bang on SpamValve. I want to get a closed group of users to try..." - SpamLookup plugin for MovableType
" There’s a new plugin for MovableType called SpamLookup. Let’s compare this add-on to the anti-spam features already in the WordPress core: Feature Comparison for..." - Dear Spammers…
" Thank you for continuing to submit your data to my anti-spam systems. I have been able to put your information to very good use,..."
11 Comments
Great name, SPAM is Evil… I am just so tired of the neverending clean up. I need to do some serious changes to my site when I get the chance… I get tired just thinking about the stuff I have to do just for spam control purposes.
Aren’t you worried about a potential DoS, especially with the system being known. Its the same problem as hostsentry/portsentry caused. What if a malicious user was to “spam” you’re site from you’re router’s ip. You should maybe think of putting in at least a ‘white-list’ of sorts, preventing that you get completely cut off, but then people could still cut out misc users…
Or am I on the wrong page?
“Gray” is a color and “grey” is the British spelling of “gray”.
afaik grey is more widely used, but given that the whole of america goes with gray its probably got more weight
fx: One of the first things I put into the code, before I even started on the blocking code, was a whitelist
I whitelist the local network block, localhost, and a few other things. I’m pretty sure that spoofed internal IPs would be blocked by the gateway router anyhow (it should be configured to know that internal IPs don’t come in on the externtal interface). But a sort of DoS via spoofed IP numbers is still a danger. Until I see evidence that it’s actually happening, it’s a danger I’m willing to live with.
Larry and fx: I seem to switch back and forth between ‘gray’ and ‘grey’. I’ve never been certain which spelling I should consider ‘more correct’. I seem to have used ‘gray’ more often, despite the fact that I sometimes think that ‘grey’ is more correct, and that ‘Gray’ should be somebody’s surname.
Most of the distinctive American spellings were invented or standardized by Noah Webster. Generally, the Imperial spelling follows etymology (though there are exceptions: defence, Latin dêfênsum) and the American spelling follows pronunciation.
Why not check it in to the plugin repository and get some more eyes on it?
I’ve still got my database authentication information hardcoded into the perl scripts at the moment. Some file and command paths are also hardcoded, and need to be moved into configuration variables. When I get a chance to refactor the code, I’ll make it public.
I’m hoping that once I’ve released it, people will submit patches for systems that use other firewall systems besides
ipfw(ipchains, for example).It’d be especially nice if the command line stuff could be translated to PHP.
Gray is the standard American usage.. because you all are lazy and couldn’t cope with more than one word for the same thing
However the usage over here in the UK is Grey, but Gray is normally the name form – however its not ‘wrong’ to use Gray, just unusual.
So classically its more correct (and universal) to use Grey, but Gray is acceptable. The difference is actually in inflection. Gray and Grey should be pronounced subtley differently, relating to their different accent evolution, but no-one really does. Gray is more grAYyy and Grey is more grREy, but its subtle.)
test
One Trackback
[...] 8212; Dougal @ 9:34 pm
I think I’m almost ready to let some other people bang on SpamValve. I want to get a closed group of users to try it out and give me some feedba [...]