Textpattern CMS

#37 2005-02-05 03:54:09

ubernostrum

Member

From: Lawrence, KS

Registered: 2004-05-05

Posts: 238

Website

Re: Automatic Referral spam Blocking.

One other thing you might try, if it comes to that, is reverse DNS lookups on the referring domain; a lot of times the domain doesn’t exist at the time of the spamming, and is only put up later.

---

You cooin’ with my bird?

#38 2005-02-05 08:39:18

Andrew

Plugin Author

Registered: 2004-02-23

Posts: 730

Re: Automatic Referral spam Blocking.

Is anyone else bothered by TheEric’s constant badgering of zem? I am. Alex has contributed greatly to the Textpattern community and while this is a good debate, your instistance on callous remarks relating to ‘ransomware’ have little to do with it. I for one would appreciate it if you’d stay on-topic, rather than try and be a defamer.

#39 2005-02-05 11:01:53

Baseline_Benny

Archived Plugin Author

From: Brisbane, Australia.

Registered: 2004-06-01

Posts: 15

Website

Re: Automatic Referral spam Blocking.

I have no problem with TheEric making a positive contribution. He does seem to have an issue with ransomware.

Zem has contributed GREATLY to this both this forum and the txp community. (BTW, thanks zem)

I would like to see the current discussion continue, without the snide remarks about ransomware (as it is a seperate issue entirely).

Ben.

---

Life is what you make it… if nothing changes, nothing changes.
Web hosting http://dynamicwebhosting.com.au/
Web dev & marketing http://wallishamilton.com/

#40 2005-02-05 13:07:58

ubernostrum

Member

From: Lawrence, KS

Registered: 2004-05-05

Posts: 238

Website

Re: Automatic Referral spam Blocking.

TheEric: keywords lead to the whack-a-mole game (which is why when I pointed out one such solution I appended a comment about how it can’t possibly scale); you ban ‘viagra’ and start seeing ‘v14gr4’. As for heuristics I’m not sure what you’re talking about; are you wanting something like Bayesian referer filtering (which probably wouldn’t be effective in this situation for a couple of reasons)?

And ditto the comments about laying off the ransomware; it’s actually very much in tune with the spirit of Free software (i.e., rather than paying for each and every copy of the software, you pay the programmer once to write it and then it’s available freely).

Last edited by ubernostrum (2005-02-05 13:43:03)

---

You cooin’ with my bird?

#41 2005-02-05 15:24:19

reid

Member

From: Atlanta, Ga.

Registered: 2004-04-04

Posts: 224

Website

Re: Automatic Referral spam Blocking.

To TheEric and Zem: nevermind the antagonism, shouldn’t you two take this to e-mail rather than spill your guts here in a manner that will be indexed by Google for the future research efforts of your opponents?

You know, the spammers?

I’m thankful you are both working on this problem. But this is not a competition. Not from our point of view.

---

TextPattern user since 04/04/04

#42 2005-02-05 16:58:42

Andrew

Plugin Author

Registered: 2004-02-23

Posts: 730

Re: Automatic Referral spam Blocking.

To the death, I say, TO THE DEATH! There’s gotta be a few extra poking sticks around here somewhere…

#43 2005-02-05 18:22:12

ubernostrum

Member

From: Lawrence, KS

Registered: 2004-05-05

Posts: 238

Website

Re: Automatic Referral spam Blocking.

reid: I’m of the opinion that anti-spam techniques are like cryptography; both will benefit more from open discussion than from excessive secrecy. And, really, I’d rather have a solution that will work even when the spammers know about it than have an arms race of “secret weapons” where the current generation becomes obsolete as soon as somebody on the other side finds out about it.

---

You cooin’ with my bird?

#44 2005-02-06 00:39:38

zem

Developer Emeritus

From: Melbourne, Australia

Registered: 2004-04-08

Posts: 2,579

Re: Automatic Referral spam Blocking.

> reid: I’m of the opinion that anti-spam techniques are like cryptography; both will benefit more from open discussion than from excessive secrecy. And, really, I’d rather have a solution that will work even when the spammers know about it than have an arms race of “secret weapons” where the current generation becomes obsolete as soon as somebody on the other side finds out about it.

That’s an important principle, but such security is only possible when the entire protocol has been designed that way from the ground up. The current state of spam (particularly referrer spam) is fought on the spammers’ terms, not ours.

The necessary conditions for building an anti-spam mechanism based on long-term security do not yet exist, and perhaps never will.

All we can do for now is ensure that we set the terms, rather than continuing to fight on theirs. (That’s why I think the keyword approach will fail: the spammers want us to fight that battle, because they know they can win – they already have, in email).

---

Alex

#45 2005-02-06 01:23:26

TheEric

Plugin Author

From: Colorado & Montana.

Registered: 2004-09-17

Posts: 577

Website

Re: Automatic Referral spam Blocking.

No automatic detection (keyword or trap) will succeed 100%

Trap vulnerabilities will be discovered and thwarted.

Keywords will be changed and yes, whack-a-mole would develop if that were the sole method..

The only thing that will remain constant is that:

1. Spammers will not play nice. They will not just hit you once. They’re greedy lil snots. Ethics and Morals aren’t in their vocabulary.
2. Spammers don’t have time – They are in a rush. They will not visit more than one page at a time on your website as it costs them links per hour.
3. Spammers will hit as many websites as possible.
4. Spamming is automatic, spending “real user” time on a website costs them time.

Assuming most of these variables, the rate in which they escape and sap bandwidth (my primary concern) can be controlled. It won’t be perfect, but it will help.

Using my version (still not stable enough for release), I’ve cut the spam traffic to my website by a significant margin. I am not naive enough to think I can stop every single spammer, but I can cut it to a dull throb.

—

It would be nice if a hunting season could be declared on spammers :)

Last edited by TheEric (2005-02-06 01:23:45)

#46 2005-02-06 02:20:19

zem

Developer Emeritus

From: Melbourne, Australia

Registered: 2004-04-08

Posts: 2,579

Re: Automatic Referral spam Blocking.

> Spammers don’t have time – They are in a rush. They will not visit more than one page at a time on your website as it costs them links per hour.

I’m a bit confused by this. At least in the case of referrer spam, it’s common enough to see several bots running on multiple IPs making duplicate hits. (What you say is true for manual comment spam though).

> Spamming is automatic, spending “real user” time on a website costs them time.

Correct (and this is what I mean by “spam equals economics”). Which is why duplicate hits tend to show up: it’s cheaper for them to waste bandwidth than it is to improve the efficiency and accuracy of their bots.

One thing is certain: any anti-spam measure has to have the advantage of leverage. It has to be cheaper and easier for the good guys to improve their filters than it is for the bad guys to overcome them. (That’s why cryptography works: a tiny increase in the cost of encrypting a message makes an enormous difference in the effort required to break it)

---

Alex