DDT for comments

Recovered from the Wayback Machine.

From the trackback entries I’ve received from an old comment spamming entry, I gather the spammers have been out and about recently. I received a recent comment spam myself – a shotgun message that seems to provide links to everything your kid wants to know about, but you don’t want them to ask.

It goes by vig-rx. Rings the bells?

Even though I discussed a method for preventing these, I received the comment because I don’t currently have the comment trap (described in the post referenced by the trackbacks) enabled. Why? The reasons are simple: I’m currently adding new weblogs and there’s too much overhead for too little payback with the technique.

The comment trap requires changes to all comment forms in all templates in all weblogs. I have recently added several new weblogs, and am adding three new ones in the next week or so; that’s a lot of template changes. As all of the weblogs use the same comments application, mt-comments.cgi, either the template change is added to all weblogs and weblog pages, or it’s not used for any of them.

I could add the change, and that leads to my second reason for not using the comment trapper at this time – effort and payback. If I implement the comment trapper, it’s used with every comment to my weblogs, from either friend or foe. Though the code seems insignificant, it adds to the overall process burden on my weblog’s server; start adding up tiny little burdens and over time, you have some significant performance hits every time a person tries to post a comment.

It would be worth the performance hits if I received a lot of comment spams, but I don’t, and other than the bad nuisance ones that post a thousand comments at once, the comment spams I get aren’t much more than a minor annoyance. I see them, I delete them, end of story.

What I find more annoying is the Google searchers who search on some esoteric search phrase and post comments on old posts that are irritating and irrelevant to the post. These do not fit the criteria of ‘comment spams’, but they also don’t add a lot of value, either.

I have a couple of options for older posts. The first option is the one I’m currently using, and that is allow the comment but filter it from my ‘recent trackback/comment’ list. I also did this with trackbacks after getting several trackbacks on old posts from Radio-based weblogs when trackbacks were enabled. However, this also filtered out the recent trackbacks because of the comment spam problem – odd how this works out – and I decided to keep the comment filtering, but eliminate the trackback filtering. For now.

Another option is one that I’m very seriously considering and that is turning off comments for older posts. Weblog writing is both ephemeral and enduring, contradictory as this may seem. Our writing rolls of the page to barely accessed archives, with faint hiccups of activity that linger a week or two from latecomers; but because of search engines and other weblog writers with long memories, the writing never completely disappears.

Have you ever been to a party and been in an animated discussion with a group of people, and someone joins the group with comment about a conversation you were involved in 6 months ago? Unlikely in real life, but this type of activity can occur in weblogs. It’s particularly noticeable with weblogs like mine and so many others that implement some form of recent trackback/comment feature.

While I can see the value of the trackback on older posts – look how three pings have re-awakened an old conversation in response to comment spammers – I question the value of comments on old writing and old conversations. The players have moved on, the songs changed. Additionally, turning off comments for older posts provides fewer entry points into our systems for comment spammers. This is an option I’ll continue to think on.

Two options I won’t explore, though, are IP banning and comment registration. I find comment registration to be irritating, and have been put off more than once having to register to leave a comment. I’d rather just turn comments off.

IP banning is more troublesome, and I hope that people who’ve implemented this consider carefully the consequences. As some of you may have discovered, the recent vig-rx comment spam originated from a domain that’s part of the Asia Pacific Network. APNIC is the equivalent agency as ARIN, which manages the IP addresses for America; it is one of the four major registries that manage DNS for the world. Further lookup at APNIC shows that the IP originates with ChinaNet. In case you’re curious, ChinaNet is the major Internet backbone for China.

If you add the IP address to your .htaccess file to block it, congratulations – you’re effectively denying your weblog to people in China, because chances are, the next time someone uses that IP, it’s some student or other person out exploring or looking for information. If you add them to MT to block comments for the IP, they can still view your weblog and most likely wouldn’t leave a comment anyway; however, then you’ve added a tiny bit more CGI processing for every comment that is left.

The problem with IP banning is that it only works with consistent IP addresses, and the only entities with consistent, unmasked IP addresses are companies who don’t use proxies and people affluent enough to have a static internet connection. It’s too easy to spoof IP addresses – originating a comment spam from one IP address, making it seem like it comes from another – and too easy to use a random connection to change the IP address next time you’re in the neighborhood with porn to sell.

An additional constraint on the effectiveness with IP banning is that people and organizations also use open proxies to access the internet so that their IP addressed aren’t exposed. The use of proxies was covered not that long ago when it was discovered that China was blocking access to Blogspot weblogs from people using IP addresses that originated in China. In fact, IP addresses from that same China Net that originated the current flurry of comment spam activity.

As regards to our friend, vig-rx, if lists of IP addresses are passed around weblogs, as was discussed over in comments at Liz’s weblog, and added to .htaccess files everywhere, then the Chinese government doesn’t have to censor weblogs – we’re doing it for them.

Print Friendly, PDF & Email