|
North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: Comment spammers chewing blogger bandwidth like crazy
On Sun, 14 Jan 2007, Tony Finch wrote: > > On Sun, 14 Jan 2007, Peter Corlett wrote: > > > > For the benefit of those of us who have been lucky to Recover from ISP work > > and now herd blogs, would you be so kind as to share which blacklists are > > worthwhile and worth consulting on this front? > > I would expect the lists of compromised hosts to be fairly effective - > open proxies of various kinds and perhaps botnet hosts. As for SMTP the > blacklists would only be a starting point that either provide a cheap > preliminary check or feed a more sophisticated filtering system. Honestly, the more advanced we get we still can't get a hold on this issue. Imagine you run a blog services web site, and each blog gets between 1000 and 1,000,000 comment spams a day. Or even just one blog with several thousand such. Advanced systems based on "time on page", "direct to post link", capctahs, Javascript captchas or challenges, URL in name, URL in DATA, # OF URLs, etc. are all fine scoring rules, add to that a DNSBL and you will be fine to a level... until next week. There are quite a bit of botnets involves, but a lot of "mass-mailers" are still in this business. This is not very NANOG relevant and I feel I contributed enough on the subject (unless the membership keeps responding), but it is a very serious issue. There is a mailing list dedicated to this subject, you can ping me off list if you are interested in the topic. > > Tony. > -- > f.a.n.finch <[email protected]> http://dotat.at/ > SOUTH UTSIRE: NORTHWEST BACKING SOUTHWEST 6 TO GALE 8, OCCASIONALLY SEVERE > GALE 9. VERY ROUGH OR HIGH. RAIN OR SQUALLY SHOWERS. MODERATE OR GOOD. >
|