more fun with antispam measures

The spammers have decided to try crapping on my blog again. Distributed spam botfarms – Chinese, Hungarian, Latvian, Turkish, and now even Israeli (I didn’t know spam was kosher). Anyway…

I had to crank up the antispam countermeasures a bit. Akismet wasn’t stopping them, so I’ve added Bad Behavior as well. Hopefully there won’t be any false positives. Bad Behavior always makes me a bit nervous, as it’s rather final and unforgiving. Both very good things if it’s right, but it’s occasionally wrong…

on battling spam

The evil spammers have websites listing blogs that are ripe targets for their filthy spam, so it’s only fair that we also share ways to successfully beat them back into submission. I’ve been using Akismet pretty much exclusively on my blog since switching back to WordPress. It’s been pretty good, but sometimes goes into “large-bore sieve mode” and lets in gobs of nastiness. I’d tried Mollom, and while it’s interesting, it didn’t have much luck against the particular flavours of spiced ham that get thrown at my blog.

But, I’ve found the combination of Akismet and TanTan’s Simple Spam Filter plugin to be extremely effective. Here’s my Akismet spam history graph. See if you can tell when I activated Simple Spam Filter…

Akismet history graph (January 2009)

November 13, 2008.

The graph doesn’t show spam that got published, only spam that Akismet had to nuke. The number of spamments that were successful is quite minimal.

With the two working together, the amount of spam that actually gets through to be (temporarily) published on my blog is almost zero. Maybe one or two per day (sometimes slightly higher, sometimes none at all).

UCalgaryBlogs.ca now protected by Akismet

I got word back from Akismet that using it on UCalgaryBlogs.ca to protect all of the blogs hosted there falls under the free license, despite the wording on their website that suggests it’s an enterprise use. This means I’m now able to protect all blogs on the service with Akismet, without requiring a Captcha challenge.

The current version of the Akismet plugin for WordPress installs just fine in the mu-plugins directory, meaning each blog automatically gets protected, without any configuration or setup. The Akismet key can be hardcoded into the plugin file, and when that is done, all configuration interface magically disappears from the wp-admin interface. Easy peasy.

All that was required by Akismet was that I provide a link from each blog to Akismet.com to give credit for the spam protection. I wrote up a VERY simple mu-plugin to automatically insert the text and link in the footer of each blog on UCalgaryBlogs.ca.

I’m curious to see how well Akismet functions on some of the topics of conversation – some post colonial courses commonly use language that trips up word filters pretty readily…

spam-o-rama

I’d missed the news, but the latest version of the Akismet plugin for WordPress includes some tasty stats. As with all things statistical, there’s a few ways to read the numbers, and there are some anomalies (ferinstance, it claims I had a few days of over 1000 ham – i.e., valid comments – per day, and that’s just plain wrong) but the spam stats feel roughly right. They’re not dramatically different from what I was seeing under Mollom, except nobody gets inflicted with Captcha using Akismet.

Akismet history graph

mollom just got punted

Mollom’s been doing a simply outstanding job of blocking spam lately, after the warm-up period. Unfortunately, it appears to be doing a bang-up job of blocking legitimate, breathing humans who are trying (and failing) to comment. I’m moving antispam back to Akismet for awhile, and am hoping it’s just a growing pain for Mollom – I really like the system and design, but can’t have valid people frustrated when they try to post comments. For now, it’s back to moderating comments through Akismet…

The most honest spammer, ever.

I just got this spam on my blog – it got through Akismet, as so many spams do lately, but it’s worth posting (at least in image form so the spammer doesn’t get any juice from it):

Honest Spammer

And, yeah. I hit the “Spam” button to file this in /dev/null even if the guy was honest(ish). I’m assuming he just ripped the text out of Wikipedia or something, and used it without proper linktribution…

Switching from Spam Karma 2 to Akismet

My blog has been receiving spam in what looks to be a new wave of spam attacks. First, the spammers seed the whitelist by posting apparently innocuous comments with no URLs, or with a URL that doesn’t contain spam. Then, once they’re in, they wait a bit and then throw the switch. The spam starts a’comin’ and it sneaks through Spam Karma 2. Very annoying.

One thing I really like about SK2 is that it is standalone – it doesn’t rely on any network connection or other systems to flag stuff as spam. It just tracks IP addresses, user agents, and sniffs the content and URL for attempted comments.

But, that might be its weak point as well – by not harnessing the power of The Cloud, it’s more vulnerable to these kinds of guerrilla spam insurgencies. Once someone using Akismet has flagged someone as an evil spammer, everyone automattically benefits from that, without having to each individually flag the spammass as a jerkwad.

SK2 has served me well for quite some time. Here’s the current stats report:

SK2 report

Over 200,000 spams dealt with. But the number of moderations required is getting inconvenient – not impossible, but it’s becoming something I need to manage rather than just fire-and-forget, the way things used to be.

Now, with Akismet enabled instead, I’m at the mercy of The Cloud, but that might not be a bad thing…
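
An added example (not code from Spam Karma 2, Akismet or this blog) of a check for the seeding pattern described above: earlier approvals build history but never exempt a later comment from the link check. Keying senders by IP, the threshold and the sample comments are assumptions constructed for illustration.

```python
import re
from collections import defaultdict
from urllib.parse import urlparse

URL_RE = re.compile(r"https?://[^\s\"'<>]+")

def link_domains(text):
    """Return the set of hostnames linked from a comment body."""
    return {urlparse(u).hostname for u in URL_RE.findall(text)} - {None}

class SenderHistory:
    """Approved-comment record for one sender (keyed by IP: an assumption)."""
    def __init__(self):
        self.approved = 0      # comments auto-approved so far
        self.domains = set()   # link domains a moderator has vetted

def review(comments, min_history=2):
    """Return [(comment id, verdict)] for comments in arrival order.

    approve  - no unvetted links, published immediately
    moderate - unvetted links from a sender with little history
    hold     - sender built a clean history, then started posting
               unvetted links (the seed-then-switch pattern)
    """
    history = defaultdict(SenderHistory)
    results = []
    for c in comments:
        h = history[c["ip"]]
        unvetted = link_domains(c["body"]) - h.domains
        if not unvetted:
            verdict = "approve"
            h.approved += 1
        elif h.approved >= min_history:
            verdict = "hold"
        else:
            verdict = "moderate"
        results.append((c["id"], verdict))
    return results

# Constructed sample: 203.0.113.7 seeds two clean comments, then switches.
SAMPLE = [
    {"id": 1, "ip": "203.0.113.7", "body": "Great post, thanks for sharing."},
    {"id": 2, "ip": "203.0.113.7", "body": "I agree with the point about plugins."},
    {"id": 3, "ip": "198.51.100.9", "body": "My notes: http://blog.example.org/notes"},
    {"id": 4, "ip": "203.0.113.7",
     "body": "Deals at http://pills.example.net/buy and http://casino.example.net"},
]

if __name__ == "__main__":
    for cid, verdict in review(SAMPLE):
        print(cid, verdict)
```
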

Some progress against the evil spammers

After switching from BadBehavior+Spam.module back to Akismet, I assumed I’d be in for a bit of an onslaught of spam. I was braced for impact. I can’t believe the sheer volume of sustained attempted spam comments that are constantly being flung against this blog, 24/7 now. It’s peaked at several attempts per second, which was adding a bit of a load to the server as it struggled to thwart the forces of evil.

Shortly after switching to Akismet, and enabling the experimental spam detection, I was seeing this:

Now, that might not look like much, but it suggests that Akismet was having to reject attempts several times per minute. Fast forward 24 hours, and I see this:

Again, not looking like much, but the interval between Akismet interventions is getting longer. Either the spammers are slowly starting to give up, or this is just a natural lull. I mean, there can be several minutes now without an attempted spamment posting. Entire minutes!

Now, the downside of Akismet is that I can’t use it on any of my campus projects. The cost of licensing Akismet for the number of sites we have would be prohibitive, given our budget asymptotically approaching zero dollars (CDN).

Again with the spam blocking.

OK. Even I am getting sick of the incessant "spam blocking update" posts, but I figure if it helps even one other person put the brakes on the attempts of the evil spamroaches, it's worth it.

So, here's the latest. I got frustrated with the number of spamments that snuck through the combo of Bad Behavior and Spam.module, so I disabled both. I've reverted to using only Akismet.module, with the experimental spambot detection/prevention enabled.

And, so far, it's doing a better job at blocking the roaches. I've got no idea if it's also blocking legitimate hu-mans, though.

One nice thing about Akismet.module vs. spam.module – with Akismet's experimental spambot prevention, it's closer to acting like Spam Karma 2, where if you smell like a roach, you don't even get close enough to pop the lid off your can of spray paint.

I'll have to look into updating Akismet.module for Drupal 5. There's really no sense in actually moving to D5 without spam blocking. That'd be kind of silly.

As an aside, I was looking through some of the logs, and found an interesting user agent, which led me to the product website for one of the evil spam roach comment bot factory applications. They have disclaimers on the site saying they don't condone using their product without the permission of the blog owners. What? Permission? What a frakking load of ass-covering crap that is. Yeah. You're going to give someone permission to aim a program titled "Blog Post Uzi" – because, you know, Uzis are all warm and fuzzy, and the kind of thing that friends give permission to other friends to point at each other. Yeah. Permission to spray the output of a concealable assault gun. Whatever. Karma's going to catch up to you in spades, my friends at Promo Arsenal (dot com).
