Comments on: Poisoning the well

By: Pariah S. Burke

Pariah S. Burke — Thu, 22 Dec 2005 01:35:51 +0000

I just saw your post about this. I wrote one the other day, dubbing the practice “Whitelist Spamming.”

http://www.iampariah.com/blog/2005/12/whitelist-spam-attacks-threaten-blogs-and-email/

The real problem comes into play when you think about the big picture. It’s not just about whether spam gets to YOUR blog, it’s about whether your domain gets blacklisted by other blogs and e-mail servers.

By: ShadowLife » Blog Archive » Comment Spam

ShadowLife » Blog Archive » Comment Spam — Thu, 22 Dec 2005 01:06:25 +0000

[...] Edit: a lot of these comments seem to be ‘poison-the-well style comments, which makes their existance all the more pointless. [...]

By: Ross Easton

Ross Easton — Mon, 19 Dec 2005 00:14:28 +0000

Getting a load of the poison too! Interesting.

By: James (aka MacManX)

James (aka MacManX) — Sat, 17 Dec 2005 20:07:16 +0000

I remember when I first got caught up in a “poisoning the well” attempt. I was running Spam Karma v1 and some clever spammer began flooding me with spam comments that linked to “.com”. Sure enough, Spam Karma eventually added “.com” to its blacklist, and it wasn’t long before every incoming comment was eaten by Spam Karma. I had to flush my entire Spam Karma blacklist just to get rid of that one false entry. So, if you run an “intelligent” spam filter, such as Spam Karma and Akismet, keep a very close eye on your logs.

By: What makes you happy ? » Gatekeeper in.

What makes you happy ? » Gatekeeper in. — Wed, 14 Dec 2005 15:20:06 +0000

[...] When I first installed Spam Karma 2, it killed all the spam. Great code, great protection and it’s something I still use. What SK2 didn’t protect against though was spam flooding. A spammer could hit your site with numerous requests and each would be processed. Not good. When Bad-Behaviour was released it took the place of SK2 in it’s spam killing by preventing them getting close enough to do the damage. It stopped the spam flooding. SK2 stayed in the background twiddling it’s thumbs. SK2 literally was redundant but it stayed in place. Increasingly though, SK2 is working because more and more spam is evading BB. I am now clearing between 10 and 20 spams a day using SK2 and I’m even having spam get through (this is comment spam, not pingback / trackback) to the blog. The spam criteria is being poisoned too. The full code for both the above plugins is available to download, check, test against for the spammers though isn’t it ? They have a financial impetus to find holes and by my measure, they are doing that. So, to do something about it. One option is Aksimet from Matt. I have an API key, I had it installed at one point but I have doubts about my blog relying on a remote server outside of my hosting to function correctly. There’s only so much spam that can be held back before a server falls over. Part of the problem with this - from where I stand - is that as good as Matt’s work is, who cares enough to support it financially ? Looking at last year’s poker flood - the companies like it, the stock market likes it, the shops love it. It’s big business pushing this crap so it would take a business just as big to fight back wouldn’t it ? And there is no big business, just lots of little blogs, all with their own tools, all trying to make their target look less attractive than the next blog program … So for now, Akismet is not an option (though having distributed servers would be much better). But one option - which I have always quite liked when using it on other’s blogs - is Eric Meyer’s Gatekeeper. I pose a range of quetions, you answer them. So it is now installed and ready for you if you choose to click the comments link. I’ll admit I have no idea how spammers attack the code and no doubt someone will pop up and tell me that they skip where I’m protecting and that this is no good etc etc but hey - all you need to do IF you want a comment is answer a question. And because I like comments, it’s not even going to be a surreal question - just a boringly normal type job. And the spam ? I’ll let you know in a week. Â¤ Read (1) [...]

By: alexking.org: Blog > Around the web

alexking.org: Blog > Around the web — Sun, 11 Dec 2005 16:41:34 +0000

[...] Poisoning the well - I’m getting (and ignoring) these too. [...]

By: Mohsin

Mohsin — Fri, 09 Dec 2005 16:05:08 +0000

Hey Dear!
I am new to Wordpress, i just started a week ago
but not sure how to use this blog, when i see my
blog’s left bar, with links called somthing blogrolls
and one of them i clicked and now i am here, but here i
was seeing very bad aspect of online marketing that is Spammers
but hope you make them lesson!, i am here to as you how to use it
means my blog http://www.acmeaims.com/daily i am also not familiar with
terms used there,,blogroll,ping,rss,,,i hope you will help me in this
regard,,,,,wish you good luck!, from MOhsin Rasool MoreLee webmaster

By: Will’s Blog » Blog Archive » Akismet Rocks

Will’s Blog » Blog Archive » Akismet Rocks — Thu, 08 Dec 2005 05:04:00 +0000

[...] I finally decided to install it after reading lots of success stories in particular, this post by Dougal Campbell titled Poisoning the Well. The type of comments that he mentions are similar to the new batch of comment spam that I’ve noticed lately. These comment spams are becoming a little bit harder to tell apart from those written by people living in countries with really bad English. [...]

By: Michael Cutler

Michael Cutler — Tue, 06 Dec 2005 23:51:30 +0000

I was also plagued by these style comments and showed how wide the problem is in a post a few weeks ago. My initial solution was to block the offending User-Agents at Apache server level - a less than ideal solution. A friend of mine wrote an interesting solution to the problem using secured time-based-tokens and I have incorporated it into this freshly baked SpamKit Plugin for Wordpress. Maybe it can help?

By: Rick Beckman

Rick Beckman — Tue, 06 Dec 2005 21:51:10 +0000

So that’s why I was getting spam pointing to websites I sometimes use! Akismet still caught ‘em, however.