Am I the only blogger on weblogs.mozillazine.org who has come under sustained comment-spam flooding this week? There seem to be two main perpetrators: a vaguely literate group who are interested in selling discount cosmetics, sailing boats, shoes, magazine subscriptions and contact lenses, plus various adult products (sounds like a comment-spammer-for-hire) and one Viagra spammer with a much more limited command of English. Together they post between 20 and 80 comments a day.
I can't implement an IP-address-based block because, according to kerz:
We use a web filtering proxy which caches static pages, but also has the side-effect of causing all apache requests to have the same IP address, which is our proxy's.
So, in the MT interface, all comments are labelled with the same IP address. :-( I am reduced to monitoring my inbox and using MT's bulk delete tool on a daily basis. <sigh> I could close comments on all but the newest few posts but a) that seems a bit sad, and b) MT doesn't provide a bulk tool for it, so I'd have to do each one individually.
Posted by gerv at August 14, 2004 9:27 PMMT needs to be hacked so it uses HTTP_X_FORWARDED_FOR (or similar) instead of REMOTE_ADDR to fetch visitor IP.
Assuming you use proxy, which sends originating IP in HTTP headers.
If hacking MT to look at the other header doesn't work, and the abusing IPs are pretty stable, maybe kerz would be willing to block them on the proxy.
Posted by: Dave Miller at August 15, 2004 7:01 AMIn a couple of weeks (I think), Jay Allen will release an updated version of MT-Blacklist for MT3 which will allow you to block spam comments more effectively. It works well, a lot of MT blogs use the MT2.x-compatible version already, although the MT3 version is much more powerful. Ask the MZ admins to install it when it's released.
Posted by: Neil T. at August 15, 2004 9:04 AMI have to say I'm surprised w.mz.o hasn't started using the TypeKey registration thingy.
Posted by: Peter Hewitt at August 15, 2004 10:14 AMI'm under a constant attack. It's sick.
I'm waiting for MT Blacklist 3.0 to ship (hopefully soon).
I'm very very very close to enabling TypeKey for the time being.
Posted by: Robert Accettura at August 15, 2004 3:01 PM