Tracking Blog Spam

Posted by Bill McGonigle Fri, 30 Mar 2007 07:19:00 GMT

My blog is getting killed with spam, greater than 300 per day. Does anybody know how to implement CAPTCHA in typo? Or make Akismet do a better job of ranking?

In the meantime I’ve taken to blocking IP addresses. Here’s a handy little script I worked up (regex from the Perl regex FAQ) to take a block of arbitrary text (copy ‘n paste from my typo admin console’s log of comments) and spit back iptables blockrules for any IP addresses found in the text:

#!/usr/bin/perl -w
          use strict;
          use warnings FATAL=>'all';
          
          my (@addresses);
          while (<>) {
              my $str = $_;
              if ($str =~ /\d{1,3}.\d{1,3}.\d{1,3}.\d{1,3}/)
              {  #{1,3} says find at least 1 and no more than 3 of \d.
                  # we must escape the dots . which are normally wild cards
                  # to make them match dots.
                  # you might have notice already that $& contains the last match
                  my $remoteHost = $&;
                  push(@addresses,$remoteHost);
              }
          }
          
          foreach my $address (@addresses) {
              if ($address ne '127.0.0.1') {
                  print "-A RH-Lokkit-0-50-INPUT -s $address -j DROP\n";
              }
          }

Now, this isn’t the best strategy as of 789 spams, there were 189 unique hosts, so it’s more distributed than I’d like. Perhaps it’s a start, though.

Update: I installed Typo 4.1 which has a feature called ‘Enable Spam Protection’, which looks at blacklists.

del.icio.us:Tracking Blog Spam digg:Tracking Blog Spam reddit:Tracking Blog Spam spurl:Tracking Blog Spam wists:Tracking Blog Spam simpy:Tracking Blog Spam newsvine:Tracking Blog Spam blinklist:Tracking Blog Spam furl:Tracking Blog Spam fark:Tracking Blog Spam blogmarks:Tracking Blog Spam Y!:Tracking Blog Spam smarking:Tracking Blog Spam magnolia:Tracking Blog Spam segnalo:Tracking Blog Spam