An update on comment spammer behavior here on WanderingThoughts

June 30, 2010

I last wrote about comment spammer behavior (plus) and my comment spam precautions back in 2007. Three years is almost an eternity in Internet time, so I figure it's about time for an update on the comment spam situation here.

These days, by far my single most effective anti-comment-spam precaution is my invisible honeypot text field. Comment spam robots appear to be utterly robotic about filling in any text field they can see, or at least any text field that appears to be called 'name'. I suspect that the spam robots are programmed to look for the name partly because many of the field contents that I see are either vaguely plausible names or at least short things like 'xzhmrgvpx'.

(At other times, the field gets stuffed with things like 'Buy percocet' and other short sentences.)

Some comment spam robots are smart enough to get past having to preview comments before they can be posted. I suspect that they are not doing anything smarter than noticing that the new page they got in reply to their POST still has a familiar form and re-doing another POST (possibly after re-stuffing some of the field values; interestingly, the one thing that they don't seem to do is re-stuff my honeypot field). The spam robots that I see here don't seem to try this more than once.

(I assume that this means that a decent number of blogs now need this sort of repeated posting attempts.)

None of these comment spam precautions save me from actual humans (which I get every so often) or would help me against a spam robot that was specifically programmed to deal with WanderingThoughts. Thus, at the meta-level my two most effective precautions continue to be not running common software and not being popular enough to make it worth anyone's time to program something for me specifically.

Written on 30 June 2010.
« Converting between IPv4 addresses and 32-bit integers in Python
A corollary to the limits of anti-spam precautions »

Page tools: View Source.
Search:
Login: Password:

Last modified: Wed Jun 30 23:14:23 2010
This dinky wiki is brought to you by the Insane Hackers Guild, Python sub-branch.