Like everybody else, I am subjected to various forms of spam every day. At the top of the list, email, of course, which pretty much everyone reading this weblog probably endures every day. But I also receive more unusual forms of spam that only a smaller portion of the online community ever has to deal with.
As the owner of a relatively big mailing-list (EJBGen, 620 members as of today), I am a regular target for both untargetted (sex, loans, etc…) and targetted (recruiting firms) spam. I have always been reluctant to make my mailing-lists moderated, because my time is limited but also because I want posters to feel free to email whenever they feel like it. Then I realized that Yahoogroups offers two very effective ways to prevent spamming without resorting to full-length moderation.
First of all, I receive an email every time a new member joins. Mailing-list spammers are not very clever at making out fake names, so their email address is usually a dead give away (firstname.lastname@example.org, etc…). I don’t expect this trend to last much longer, but it allows me to preemptively remove and ban the person quickly.
The second feature that I recently turned on is that first posters get moderated when they send their first message. This is extremely effective and it will force the spammers to send at least one on-topic message on the list before being able to unload their crap on my subscribers, something which I don’t think will be worth their time.
Then, there is weblog comment spam.
Most weblogs allow readers to leave a comment, optionally allowing them to leave an email address and a Web site. It didn’t take long to spammers to figure out that this was a cheap way to have many self-created links to their own Web site, thereby artificially inflating their Google ranking.
What baffles me with this kind of spam is that it strikes me as an extremely inefficient way to boost your ranking. First of all, you need to go through a form to file a spam, and while it is theoretically possible to automate pretty much any kind of interaction with a browser, I suspect most of these spams are made by hand. Leaving a comment on a weblog is an expensive process, aggravated by the variety in weblogs and procedures needed to achieve that result. Another thing to keep in mind is that this kind of spam is only effective if the comments are displayed prominently on the weblog, or at least, that they are reachable by a GoogleBot, another thing that is not a guarantee.
So I am really shocked to see that despite these facts, spammers take the time to leave fake comments in weblogs. Which is pretty alarming since it confirms that these guys have a lot of resources and money to be able to finance this kind of grunt work.
So far, I was just deleting the comments manually, one by one, which is pretty easy since I receive an email every time a comment is left on my Weblog. However, I received my first “full scale” attack a few days ago and a spammer left over thirty spam comments spread over that many entries. So I decided to install MT-Blacklist, which is now up and running and working great. Spammers can now be blocked right away if the content of their comment matches a black list, but in case they work around this first measure, I still receive the comment in email and the bottom of that email contains a link allowing me to eradicate and blacklist the offender in one fell click. Quite a relief.
I wonder what spammers will come up with next…