[thelist] spammers/spambots
Nan Harbison
nan at nanharbison.com
Thu Jul 30 06:28:02 CDT 2009
The problem with blacklisting certain words is that spammers then use a zero
for an 'o', or a one for an 'l' or misspell the word so it is still
recognizable to the human eye but not to the blacklist.
Nan
-----Original Message-----
From: thelist-bounces at lists.evolt.org
[mailto:thelist-bounces at lists.evolt.org] On Behalf Of Bob Meetin
Sent: Wednesday, July 29, 2009 6:42 PM
To: thelist at lists.evolt.org
Subject: Re: [thelist] spammers/spambots
Barry Woolgar wrote:
> Hello
>
> Although it's generalising to an extent, I believe bots will harvest
> your form's details and then just start blind posting common field
> names and values to the form's action.
>
> Based on this assumption we've had a fair bit of success with a text
> field named 'url' (or something similarly juicy) hidden with CSS, a
> label of 'Not for public use' (for people with CSS disabled), and a
> value of 'blank'. Then our form processor checks $_POST['url'] is set and
> has the value of 'blank'.
> Anything else is spam or a rather dense form filler who will be
> displayed the form again. I can't remember if this was originally
> suggested here or on A List Apart, but I've yet to see a spambot get
> around it.
>
> For what it's worth, I don't think blacklists are useful as they'll
> always find a way around them, or you'll spend ages tweaking and tweaking.
>
> Hope that helps.
>
> Barry
>
> -----Original Message-----
> From: thelist-bounces at lists.evolt.org
> [mailto:thelist-bounces at lists.evolt.org] On Behalf Of Bob Meetin
> Sent: 27 July 2009 16:05
> To: thelist at lists.evolt.org
> Subject: [thelist] spammers/spambots
>
> Just curious, I am finishing up a little program, the preprocessor,
> which will be used to grab $_POST or $_REQUEST content, and if it
> meets certain criteria, reject any further processing.
>
> So the first question, automated spambots, do they attempt to fill in
> content in any/all fields even if the field is bogus/contrived?
>
> And the second question, much of the spam content I see is posted in
> non-English dialects, way not English. If I knew where to start I can
> probably include some of this "stuff" in a reject list, but I'm not
> sure how to get or convert these odd looking characters into something
> my forms can handle. Suggestions?
>
>
* Setting up the preprocessor to do some pattern matching comparing field
input has helped tremendously (100%) already
* Just to see what it brings, I added a new field similar to your URL field
with a default value and (not for public use)
I also set up a log file that captures specific fields and will log the not
for public use field - just gotta know...
I concur, the blacklist method isn't particularly useful but it has its
moments. The wordpress component in Joomla uses this. The list of moderated
comments displays subject, IP address, email, comment, etc. I see many
comments from the same email address coming from different IP addresses.
They move around.
By adding the following list of phrases to the blacklist it does help.
As I am unfamiliar with the language I wonder if adding what appears to be a
foreign alphabet (each character at a time) will help?
????????????
viagra
our pharmacy
pupkin.net
getz
adultfriendfinder
[url=http://
Why does the term "desperate" come to mind when I read the spam content?
--
Bob
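
The two checks discussed in this thread, the hidden 'url' honeypot field and a word blacklist that survives the zero-for-'o' and one-for-'l' substitutions, sketched as an added example that is not code from any poster. The function names, the substitution map and the sample submissions are assumptions; the field name, its 'blank' value and the blacklist terms come from the messages above.

```php
<?php
// Added example, not code from the thread. Function names, the substitution
// map and the sample submissions are assumptions constructed for illustration.

// Honeypot: the CSS-hidden 'url' field must come back exactly as it was served.
function honeypot_tripped(array $post, string $field = 'url', string $expected = 'blank'): bool
{
    return !isset($post[$field]) || $post[$field] !== $expected;
}

// Fold look-alike characters onto one letter and drop everything else, so
// "V1AGRA", "v.i.a.g.r.a" and "vi@gra" all become "viagra". '1', '!', '|' and
// 'l' share one class because a one can stand in for either 'i' or 'l'.
function fold_text(string $text): string
{
    $text = strtr(strtolower($text), '01!|l3457@$', 'oiiiieastas');
    return preg_replace('/[^a-z]/', '', $text);
}

// Return the first blacklist term found in the folded text, or null.
function blacklist_hit(string $text, array $terms): ?string
{
    $folded = fold_text($text);
    foreach ($terms as $term) {
        $needle = fold_text($term); // fold the term the same way as the input
        if ($needle !== '' && strpos($folded, $needle) !== false) {
            return $term;
        }
    }
    return null;
}

$terms = ['viagra', 'our pharmacy', 'pupkin.net', 'adultfriendfinder']; // from the thread
$samples = [ // constructed submissions standing in for $_POST
    ['url' => 'blank', 'comment' => 'Nice article, thanks.'],
    ['url' => 'http://example.test/', 'comment' => 'hello'],
    ['url' => 'blank', 'comment' => 'cheap V1AGRA from 0ur pharm4cy'],
];
foreach ($samples as $post) {
    if (honeypot_tripped($post)) {
        echo "reject: honeypot field changed or missing\n";
        continue;
    }
    $hit = blacklist_hit($post['comment'] ?? '', $terms);
    echo $hit === null ? "accept\n" : "hold for moderation: matched '$hit'\n";
}
```

Folding removes spaces and punctuation, so a term can match across word boundaries in legitimate text; a blacklist hit is better used to hold a post for moderation than to discard it.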