[geeklog-devel] Negative side effect of comment spam filtering

Dirk Haun dirk at haun-online.de
Sun Dec 19 04:07:28 EST 2004


>If you just send a redirect in response, likely the spammer
>isn't going to have his software visit the front page (and slow the
>number of spams he can put out).

Good point. This seems to confirm it (from an attempted spam post): - - [18/Dec/2004:14:06:04 -0500] "GET /forum/
createtopic.php?method=postreply&forum=10&id=27114&quoteid=27805 HTTP/
1.1" 200 32932 "http://www.philippestarckwatches.co.uk/" "Mozilla/4.0
(compatible; MSIE 6.0; Windows NT 5.2; .NET CLR 1.1.4322)" - - [18/Dec/2004:14:07:07 -0500] "GET /forum/viewtopic.php?
mode=preview&showtopic=27114&onlytopic=Yes&lastpost=true HTTP/1.1"
200 59842 "http://www.geeklog.net/forum/createtopic.php?
method=postreply&forum=10&id=27114&quoteid=27805" "Mozilla/4.0
(compatible; MSIE 6.0; Windows NT 5.2; .NET CLR 1.1.4322)" - - [18/Dec/2004:14:10:08 -0500] "POST /forum/
createtopic.php HTTP/1.1" 200 13903 "http://www.geeklog.net/forum/
"Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.2; .NET CLR 1.1.4322)"

These 3 requests came out of nowhere and there are no further requests
after the POST.

Actually, there are a few more requests from that same IP (somewhere in
Indonesia - probably a hijacked PC), but they have nothing to do with the
above spam post.

It seems our "friend" here is also attempting some referrer spam, but
none of the domains used in the referrer (including the above) work for
me. Plus they have all been registered recently (i.e. in December 2004).

bye, Dirk


More information about the geeklog-devel mailing list