[geeklog-devtalk] geeklog-devel digest, Vol 1 #462 - 6 msgs

geeklog-devel-request at lists.geeklog.net geeklog-devel-request at lists.geeklog.net
Sun Dec 19 13:00:01 EST 2004

Previous message: [geeklog-devtalk] geeklog-devel digest, Vol 1 #461 - 9 msgs
Next message: [geeklog-devtalk] Better Late than Never
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Send geeklog-devel mailing list submissions to
geeklog-devel at lists.geeklog.net

To subscribe or unsubscribe via the World Wide Web, visit
http://lists.geeklog.net/listinfo/geeklog-devel
or, via email, send a message with subject or body 'help' to
geeklog-devel-request at lists.geeklog.net

You can reach the person managing the list at
geeklog-devel-admin at lists.geeklog.net

When replying, please edit your Subject line so it is more specific
than "Re: Contents of geeklog-devel digest..."

Today's Topics:

1. Negative side effect of comment spam filtering (Dirk Haun)
2. Re: Negative side effect of comment spam filtering (Vincent Furia)
3. Re: Negative side effect of comment spam filtering (Dirk Haun)
4. Revised plan of action: Geeklog 1.3.11 (Dirk Haun)
5. Re: Revised plan of action: Geeklog 1.3.11 (Blaine Lang)
6. Re: Revised plan of action: Geeklog 1.3.11 (Dirk Haun)

--__--__--

Message: 1
From: "Dirk Haun" <dirk at haun-online.de>
To: <geeklog-devel at lists.geeklog.net>
Date: Sat, 18 Dec 2004 23:29:08 +0100
Organization: Terra Software Systems
Subject: [geeklog-devel] Negative side effect of comment spam filtering
Reply-To: geeklog-devel at lists.geeklog.net

Hmm,

there's a story on Slashdot on how comment spam is causing increased
server load on sites running Movable Type (the guys we're borrowing the
blacklist for the SpamX plugin from).

In this post:
<http://www.movabletype.org/news/2004/12/comment_spam_load_issue.shtml>
the blacklist maintainer writes:

|In fact, we have found that there is a fairly major bug (in terms of

|effect, but not code size) which causes page rebuilding even in the case

|of a comment submission which would be moderated and hence should have no

|effect on the live page. This means that even if you are using comment

|moderation in Movable Type and even force moderation in MT-Blacklist,

|your server load is impacted just as if a comment had been posted to the

|live site. This bug has been fixed in development.

Now, when filtering out a comment as spam, Geeklog throws the poster back
to the site's front page. In other words, I guess this could happen to
us, too, if the spammers would really start attacking a Geeklog site.

Sounds like it would be better if Geeklog just died, only displaying the
"spam detected" message (and maybe a link back to the index page, if we
want to be really nice).

Comments?

bye, Dirk

--
http://www.haun-online.de/
http://www.handful-of-sparks.de/

--__--__--

Message: 2
Date: Sun, 19 Dec 2004 01:03:51 -0500
From: Vincent Furia <vfuria at gmail.com>
To: geeklog-devel at lists.geeklog.net
Subject: Re: [geeklog-devel] Negative side effect of comment spam filtering
Reply-To: geeklog-devel at lists.geeklog.net

If we're redirecting to the front page I don't think this will be a
problem. It sounds like MT is re-building the site front page when a
spam comment comes in (i.e. no redirect). This is a problem because
the page gets build even if the spammer just through out a HTTP post
request. If you just send a redirect in response, likely the spammer
isn't going to have his software visit the front page (and slow the
number of spams he can put out).

Now, we may want to look at reducing overhead as much as possible
(*cough* lib-common.php *cough*) to minimize the impact of a spam
comment.

All of this is just a guess of course. I've never seen any MT code
and I've only taken to most cursory look at our spamx plugin...
</twocents>

-Vinny

On Sat, 18 Dec 2004 23:29:08 +0100, Dirk Haun <dirk at haun-online.de> wrote:

> Hmm,

>

> there's a story on Slashdot on how comment spam is causing increased

> server load on sites running Movable Type (the guys we're borrowing the

> blacklist for the SpamX plugin from).

>

> In this post:

> <http://www.movabletype.org/news/2004/12/comment_spam_load_issue.shtml>

> the blacklist maintainer writes:

>

> |In fact, we have found that there is a fairly major bug (in terms of

> |effect, but not code size) which causes page rebuilding even in the case

> |of a comment submission which would be moderated and hence should have no

> |effect on the live page. This means that even if you are using comment

> |moderation in Movable Type and even force moderation in MT-Blacklist,

> |your server load is impacted just as if a comment had been posted to the

> |live site. This bug has been fixed in development.

>

> Now, when filtering out a comment as spam, Geeklog throws the poster back

> to the site's front page. In other words, I guess this could happen to

> us, too, if the spammers would really start attacking a Geeklog site.

>

> Sounds like it would be better if Geeklog just died, only displaying the

> "spam detected" message (and maybe a link back to the index page, if we

> want to be really nice).

>

> Comments?

>

> bye, Dirk

>

> --

> http://www.haun-online.de/

> http://www.handful-of-sparks.de/

>

> _______________________________________________

> geeklog-devel mailing list

> geeklog-devel at lists.geeklog.net

> http://lists.geeklog.net/listinfo/geeklog-devel

>

--__--__--

Message: 3
From: "Dirk Haun" <dirk at haun-online.de>
To: <geeklog-devel at lists.geeklog.net>
Subject: Re: [geeklog-devel] Negative side effect of comment spam filtering
Date: Sun, 19 Dec 2004 10:07:28 +0100
Organization: Terra Software Systems
Reply-To: geeklog-devel at lists.geeklog.net

Vinny,

>If you just send a redirect in response, likely the spammer

>isn't going to have his software visit the front page (and slow the

>number of spams he can put out).

Good point. This seems to confirm it (from an attempted spam post):

202.134.0.136 - - [18/Dec/2004:14:06:04 -0500] "GET /forum/
createtopic.php?method=postreply&forum=10&id=27114&quoteid=27805 HTTP/
1.1" 200 32932 "http://www.philippestarckwatches.co.uk/" "Mozilla/4.0
(compatible; MSIE 6.0; Windows NT 5.2; .NET CLR 1.1.4322)"
202.134.0.136 - - [18/Dec/2004:14:07:07 -0500] "GET /forum/viewtopic.php?
mode=preview&showtopic=27114&onlytopic=Yes&lastpost=true HTTP/1.1"
200 59842 "http://www.geeklog.net/forum/createtopic.php?
method=postreply&forum=10&id=27114&quoteid=27805" "Mozilla/4.0
(compatible; MSIE 6.0; Windows NT 5.2; .NET CLR 1.1.4322)"
202.134.0.136 - - [18/Dec/2004:14:10:08 -0500] "POST /forum/
createtopic.php HTTP/1.1" 200 13903 "http://www.geeklog.net/forum/
createtopic.php?method=postreply&forum=10&id=27114&quoteid=27805"
"Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.2; .NET CLR 1.1.4322)"

These 3 requests came out of nowhere and there are no further requests
after the POST.

Actually, there are a few more requests from that same IP (somewhere in
Indonesia - probably a hijacked PC), but they have nothing to do with the
above spam post.

It seems our "friend" here is also attempting some referrer spam, but
none of the domains used in the referrer (including the above) work for
me. Plus they have all been registered recently (i.e. in December 2004).

bye, Dirk

--
http://www.haun-online.de/
http://www.haun.info/

--__--__--

Message: 4
From: "Dirk Haun" <dirk at haun-online.de>
To: <geeklog-devel at lists.geeklog.net>
Date: Sun, 19 Dec 2004 11:30:27 +0100
Organization: Terra Software Systems
Subject: [geeklog-devel] Revised plan of action: Geeklog 1.3.11
Reply-To: geeklog-devel at lists.geeklog.net

The next Geeklog release will have to be called 1.3.11, since we have to
make a change in the database[1] (and so that we can keep our "same
(base) version number = same database structure" rule of thumb).

1.3.11 is intended to replace 1.3.10 and I'd like to make this upgrade as
painless as possible. Therefore, no changes in template files,
config.php, or language files from now on, please.

In fact, the only to-do item left on my agenda is the fix for posts to be
archived using the archive template files too early (bug #345). Blaine?

My plan is to have a Release Candidate out by Wednesday (22nd) and the
final release before the end of the year.

If anyone has a chance to test out the current version from CVS, please
do so. I'm especially interested in any problems (or absence of problems)
with submit.php and the calendar.

bye, Dirk

[1] http://www.geeklog.net/forum/viewtopic.php?showtopic=44219

--
http://www.haun-online.de/
http://www.haun.info/

--__--__--

Message: 5
From: "Blaine Lang" <geeklog at langfamily.ca>
To: <geeklog-devel at lists.geeklog.net>
Subject: Re: [geeklog-devel] Revised plan of action: Geeklog 1.3.11
Date: Sun, 19 Dec 2004 10:05:26 -0500
Reply-To: geeklog-devel at lists.geeklog.net

Dirk wrote:

> The next Geeklog release will have to be called 1.3.11, since we have to

make a change in the database[1] (

I must have missed that - what was the change Dirk.

> In fact, the only to-do item left on my agenda is the fix for posts to be

archived using the archive template files too early (bug #345). Blaine?

Got it - will do.

----- Original Message -----
From: "Dirk Haun" <dirk at haun-online.de>
To: <geeklog-devel at lists.geeklog.net>
Sent: Sunday, December 19, 2004 5:30 AM
Subject: [geeklog-devel] Revised plan of action: Geeklog 1.3.11

The next Geeklog release will have to be called 1.3.11, since we have to
make a change in the database[1] (and so that we can keep our "same
(base) version number = same database structure" rule of thumb).

1.3.11 is intended to replace 1.3.10 and I'd like to make this upgrade as
painless as possible. Therefore, no changes in template files,
config.php, or language files from now on, please.

In fact, the only to-do item left on my agenda is the fix for posts to be
archived using the archive template files too early (bug #345). Blaine?

My plan is to have a Release Candidate out by Wednesday (22nd) and the
final release before the end of the year.

If anyone has a chance to test out the current version from CVS, please
do so. I'm especially interested in any problems (or absence of problems)
with submit.php and the calendar.

bye, Dirk

[1] http://www.geeklog.net/forum/viewtopic.php?showtopic=44219

--
http://www.haun-online.de/
http://www.haun.info/

_______________________________________________
geeklog-devel mailing list
geeklog-devel at lists.geeklog.net
http://lists.geeklog.net/listinfo/geeklog-devel

--__--__--

Message: 6
From: "Dirk Haun" <dirk at haun-online.de>
To: <geeklog-devel at lists.geeklog.net>
Subject: Re: [geeklog-devel] Revised plan of action: Geeklog 1.3.11
Date: Sun, 19 Dec 2004 18:11:20 +0100
Organization: Terra Software Systems
Reply-To: geeklog-devel at lists.geeklog.net

Blaine,

>I must have missed that - what was the change Dirk.

That was what the footnote was all about: In the comments table, the
'sid' field can only hold 20 characters. But a story's sid can have up to
40 characters in 1.3.10.

Comments posted on such a story will not show up.

bye, Dirk

--
http://www.haun-online.de/
http://mypod.de/

--__--__--

_______________________________________________
geeklog-devel mailing list
geeklog-devel at lists.geeklog.net
http://lists.geeklog.net/listinfo/geeklog-devel

End of geeklog-devel Digest

Previous message: [geeklog-devtalk] geeklog-devel digest, Vol 1 #461 - 9 msgs
Next message: [geeklog-devtalk] Better Late than Never
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the geeklog-devtalk mailing list