March 08, 2006

Comment Spam Alert

Have you noticed the recent uptick in the comment spam levels aimed at Movable Type blogs?

We have.

Jay Allen notes the problem and has some suggestions for how to tackle it on his blog.

For those of you using Movable Type, you may have noticed quite a uptick in the last week of spam. This spammer (and yes, the signature points to just one) is wily enough to evade most of SpamLookup's default tests. He is not, however, invincible.

First, assuming you're using Movable Type 3.2 and SpamLookup, you can make your life a whole lot better if you go to Weblog » Settings » Plugins » SpamLookup -> Keyword Filters and put the following into your Keywords to Junk:

acroduke
Probaly you should read this
dx1.us
/online-?(casino|poker)/i
/(pacific|empire).?poker/i
/texas\S*hold\S*em/i

Our spam problem stopped the second we implemented these. More info and a good comment thread on Jay's blog.


Has this tutorial been helpful? Please consider linking to Learning Movable Type at http://learningmovabletype.com/ . Thanks!

Posted by Elise Bauer on March 08, 2006 to Security
Comments(5) | Email to a friend | Printer-friendly version


Trackback

If you would like to send a trackback
please use the following URL: http://learningmovabletype.com/cgi-bin/mt32/mt-tb.cgi/450

Comments

Good tips but I have a much better tip: install the CCode plug-in. I installed this plug-in a long time ago but I have had it disabled in order to test its effectiveness until a few weeks ago. I waited until I was getting multiple pieces of comment spam every single day for a few weeks straight and then re-enabled it. I haven't seen a single piece of comment spam since (nearly a month now). I don't care for the way it handles trackback spam so I have TCode disabled but CCode is pretty awesome.

I got hit by this same spammer all week, and today was brutal. Very tanacious b*stard...building a solid SpamLookup filter is still a great defence imo as I do not want a Catchka [sic?]. Anyone willing to post their entire list for the good of all?

Also a good defence is forcing a preview like Elise does here. Was he able to get past this as well I wonder?

I guess a top paying keywords search might be in order to get the main culprits.

I definitely needed this information...I swear spammers were hitting me sporadically and it was pissing me off.

awesome. worked like a charm. all off my spam has been eliminated. Thank you so much for this

My web host just suspended my account because the mtcomments.cgi script was taking ludicrous amounts of the server CPU usage. So my site's been offline almost 48 hours. Bloody spammers.


Post a comment

(Before posting a comment please see the Comments and Trackbacks Policy. Do you need help troubleshooting your weblog? Please post questions and requests for support at the MT Support Forums. Thanks!)




Remember Me?

(you may use HTML tags for style)

Email to a friend

Email this article to:


Your email address:


Message (optional):