I’ve often wanted to post on my frustration with the spam that bombards my blog, but I figured that quoting any of it would just draw more of the same kinds of spammers.
My home domain gets between 300MB and 2.5GB of spam mail (and faked-header bounces) per day, all traffic that I pay for. I’m not a violent person, but if I caught wind of a spammer lynching, I would literally run to the store to buy rope. After all, this is a war.
I’ve been doing internetty stuff since 1992 and I’ve had my domain since 1994 (aside: I was briefly “o@uk” due to my involvement in the creation of a non-academic UK registry, and I was “oliver.co.uk”). I was also the coder responsible for this:
>According to Netcraft, [thttpd]’s used
>on 1.82% of all HTTP servers, behind only Apache, IIS, Enterprise, and
>Rapidsite.
is somewhat of an overstatement. There are actually only a hundred or
so sites running thttpd. One of them is Demon Internet, a British
company which serves over 100,000 domains on a single SGI box running
their modified version of thttpd.
(Bah, “modified” – there’s something to put you off open source: I rewrote the thing to be asynchronous and submitted it; somehow the next version looks exactly like a reformatted version of my submission, and I didn’t even make the credits.)
Anyway, let’s just say that my career has led to some dabbling in pr0n (not to mention my stint at page3.com [sfw – but they might not appreciate the URL]).
Even so, I find some of the spam that the “guestbook” spammers post into comments on my WordPress blog nauseating, and as a result I’ve become lazy about checking my spam trap.
Which makes things worse, because after you get a few pages of spam, Akismet stops paginating them properly, forcing you to look through the same nasty stuff again and again and again.
I still find that I can identify over 95% of the spams from the sender, website link or first line of text. But they show you the whole spam, and some of them are insanely long (3-4 scrolls’ worth), which makes you skim even less carefully. I’ve suggested that they add a “scan” mode that lets you winnow out the obvious cruft, but they got all uppity on me.
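For what it’s worth, here is roughly what I mean by a “scan” mode, as a minimal Python sketch. The `Comment` class and `scan_line` function are names I made up for illustration; this is not how Akismet or WordPress actually store or display queued comments, just the idea of collapsing each spam to the three fields I actually look at.

```python
from dataclasses import dataclass


@dataclass
class Comment:
    """Hypothetical stand-in for a queued comment (not a real WordPress/Akismet type)."""
    sender: str
    url: str
    body: str


def scan_line(comment: Comment, width: int = 60) -> str:
    """Collapse a comment to sender, link, and a truncated first line of text."""
    # Take the first non-blank line of the body, or an empty string if there is none.
    first = next((ln.strip() for ln in comment.body.splitlines() if ln.strip()), "")
    # Cut very long first lines down to `width` characters, ending in "...".
    if len(first) > width:
        first = first[: width - 3] + "..."
    return f"{comment.sender} | {comment.url} | {first}"


# Made-up queue entries, purely for demonstration.
queue = [
    Comment("alice", "http://example.com/", "Nice post, thanks.\nA second line that is never shown."),
    Comment("cheap-pills", "http://example.org/buy", "x" * 500),
]

for c in queue:
    print(scan_line(c))
```

One line per spam, however many scrolls the original ran to, and you only expand the handful that aren’t obvious.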
I’m pretty sure this is leading a lot of folks to periodically just click “delete all” and mistrain Akismet on a whole bunch of legit links, leading to more false positives and less careful checking.
The unfortunate truth is that there is money in spam, so fighting it is a real arms race: if you’re going to fight spam, you have to be prepared to fight evolution. I’ve seen a ton of open-source/free anti-spam tools fall off and die because the authors get their ego-panties in a twist that the spammers seem to be smart. It’s not true. They’re just prolific, so that sooner or later one of their bacteria finds resistance.
Example: Every now and again you’ll see a spam email that makes no sense. It’s clear text with no hidden MIME stuff, no link, no “sniffer pic” (an embedded 1x1-pixel blank image that your mail client fetches from their web server, exposing your IP address and verifying your email address), in fact no link of any kind. Just a bunch of words that form incoherent sentences.
Those are corruptors: they’re bits of other emails mashed together with the sole intent that you corrupt your email software’s spam training by association. If you mark it as spam with all those un-spammy properties, it’s going to confuse your software when real emails come in; but if you delete it without marking it as spam, the genuine spammy properties of it will dilute recognition of actual spam emails.
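To make the first half of that trap concrete, here is a toy sketch in Python. The `TokenFilter` class is something I invented for illustration: a crude per-word scorer, not the algorithm of any real mail client or of Akismet, and the training messages are made up. It only shows the general shape of the problem, which is that marking a corruptor as spam drags perfectly ordinary words toward the spam side.

```python
from collections import Counter


class TokenFilter:
    """Toy per-word spam scorer; a hypothetical illustration, not a real filter."""

    def __init__(self) -> None:
        self.spam = Counter()  # messages marked spam that contained each word
        self.ham = Counter()   # messages marked legit that contained each word

    def train(self, text: str, is_spam: bool) -> None:
        target = self.spam if is_spam else self.ham
        # Count each distinct word once per message.
        target.update(set(text.lower().split()))

    def token_score(self, token: str) -> float:
        """Share of this word's sightings that were spam, with add-one smoothing."""
        s, h = self.spam[token], self.ham[token]
        return (s + 1) / (s + h + 2)

    def score(self, text: str) -> float:
        """Mean word score: near 1.0 looks spammy, near 0.0 looks legit."""
        tokens = set(text.lower().split())
        if not tokens:
            return 0.5  # nothing to judge
        return sum(self.token_score(t) for t in tokens) / len(tokens)


f = TokenFilter()
for _ in range(5):
    f.train("meeting notes attached for thursday", is_spam=False)
    f.train("cheap pills buy now", is_spam=True)

legit = "thursday meeting notes"
before = f.score(legit)

# A corruptor: ordinary words, no link, no payload. Marking it as spam
# teaches the filter that these ordinary words are spammy.
for _ in range(5):
    f.train("notes thursday meeting attached", is_spam=True)

after = f.score(legit)
print(f"before={before:.2f} after={after:.2f}")
```

The legit message scores higher (spammier) after the corruptors are marked, which is exactly the confusion they were sent to cause. The other half of the trap, deleting without marking, works the same way in reverse on whatever spammy words the corruptor carries.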
Tonight I saw my first comment-referencing spam here on WordPress:
Playstation » Comment on Sony, sell me some gold! by Krenn, on October 25th, 2007 at 9:12 pm Said: Edit Comment
[…] unknown wrote an interesting post today onHere’s a quick excerptCool, looks like you’re scheduled for spamination on the 25th of the month. Gotta like dependability. […]
referencing a comment by Krenn here. I – stupidly – followed the link to find a rather bare and innocent-looking landing page, possibly indicating that the spammer is just developing or testing his new mechanisms.
I know, pingback spams are nothing new – but this one actually referenced a comment remarking on a (now deleted) spam.
That is new, in my experience.
Most spammers, like the majority of self-named “hackers”, aren’t any smarter than the E. coli bacteria that inevitably become resistant to the disinfectant in your kitchen wipes, the one that keeps killing 99.9% of them. Sooner or later, that 0.1% is going to survive due to some fluke genetic deviation, and sooner or later they’ll pass it on. Maybe the labels on those things should indicate “percentage will decrease over time”.
The good thing about this war is that I think we can all agree that, unlike with Hitler or the Miloševićs, we’re actually dealing with the genuine subhuman article.