I got spam-hit again last night. I think I’ve deleted 30 so far, and with the way MT is set up, it takes forever to delete lots of spam comments. The frustrating thing is that the spammers’ IP is 206.184.208.20, which reportedly is the same IP I’m posting from, so I can’t block that IP.
I am really frustrated by this.
One of the reasons I was excited by blogging software is the commenting feature. I have become bad about responding to mail—comments were a way of hearing readers’ reactions.
But deleting this spam shit and then rebuilding my site is unwieldly and unfun.
Later: At least 150. (I’m not sure what the original count was.) Is there nothing about the web that spammers and pornographers can’t ruin?
It’s possible your PC has been compromised, and a program on it could in fact be sending the spam.
You may want to double check your firewall settings with regard to which programs can communicate over the network. And the usual:
– Check for virus with the *latest* Virus Scan datapack.
– Make sure your Windoze OS is up-to-date. (Over the last month there have been a number of ‘Critical’ fixs made available by MS.
I take it you didn’t like my remark that you’re obviously right-handed? Just my initial thought on reading your need for fountain pen ink. As a leftie, fountain pens are proscribed, as they smear….
Good Luck.
Well, we run Mac for our server, not Windoze. And my IP address isn’t 206.184.208.20–that’s the weird thing (or one of them, at any rate). It’s something that begins with 4., not 206. No idea where 206.184.208.20 is coming from.
I deleted your comment because I had no idea what it was relating to. Given that I was deleting 150 comments from guys named “Frank,” “Mike,” “Jason,” and “Steve,” it’s amazing any comments on any entries survived at all.
One thought
(FWIW, This is not my area of expertise, just kibitzing)
– If you’re using a router, it’s possible that IP addresses are issued from it using ‘nat’.
NAT [Network Address Translation] provides a way (as I understand it) for the router to supply IP addresses to your local network, without surfacing them to the outside world.
Side benefits: 1. Prevents IP addresses from being used up world-wide
2. Acts a bit like a firewall – the outside world doesn’t see the IP addresses of the NAT re-mapped PCS on your local network, rather the outside world only sees the single IP on the Router.
Just a thought that this might be a factor here. Dunno for sure.
Again,
Good luck.
I recently started my own blog and the whole comment spam thing almost scared me away. Slashdot has a recent post dealing with this rapidly increasing problem, with great links to possible solutions. Search for “Spam Rapidly Increasing In Weblog Comments”. In the meantime learn a little mysql, ie: delete from mt-comments where author = ‘spammer@whatever’ or where website = ‘http://blahpornspam.com’ then rebuild the site.
Also NAT (network address translation) will do nothing for you. The spammer spoofed the ip address of the web server, not your home computer. Spoofing is relatively simple and it has the benefit, unfortunately, of hiding their real address.
I hope that was helpful.
I’m hoping MT is going to come out with an upgrade that makes it easier to control comments. The ability to look at the 20 most recent comments and check a delete box on each (instead of having to visit each comment and check it out, then delete it) would end a lot of the headache.
A chum is trying to convince me to move to PHPNuke. I like MT so much though (and the few PHPNuke sites I’ve seen look too busy for my tastes). But if MT doesn’t get on top of it, we’ll see…
Diane, I’m going to go find a Wired article for you about this. Somebody responded and has some sort of a plugin to prevent this from happening, a sort of whitelist for MT comments.
You might give a try. I’m just glad I don’t have to deal with this at the moment, I just have to deal with psychos leaving random comments.
(Although now that I think about it, it seems to me that some of the comments I thought were from my psycho ex were actually from a spammer. Hah.)
http://www.jayallen.org/misc/projects/mt-blacklist/
That took like two seconds. Heh.
I want to install MT-Blacklist, except for two things: we need to upgrade our server to Panther (haven’t fit it into our busy schedules) and we need to install some package into Perl (haven’t investigated this to find out precisely what we need to do).