A spectacular web spammer failure
In the spirit of earlier heroic failures, I just
saw someone attempt to put an entire
POST form in the actual HTTP
request. No, really. The incoming request looked something like this:
login=%5Burl%3Dhttp%3A%2F%2Fwww.nextlevelnews.com%2F [.. elided ..] %2F70.html%0D%0A+&view=login&page=blog%2Flinks%2FBestToolPOST /~cks/space/.login HTTP/1.1
This is perhaps the most abject spammer failure I've seen.
(It also confirms that web spammers are targeting my login form as well as the 'post a new comment' form; I have a theory on that, which doesn't fit in this margin.)
Unsurprisingly, the request came from a charter.com cablemodem that
is currently in
bl.spamcop.net and the CBL, among other places.