[geeklog-devtalk] Spam warnings?

[Richard S. Westmoreland]

----- Original Message ----- 
From: "Dirk Haun" <dirk at haun-online.de>
To: <geeklog-devtalk at lists.geeklog.net>
Sent: Monday, March 21, 2005 1:53 PM
Subject: Re: [geeklog-devtalk] Spam warnings?


> >So why not let the comment poster confirm his/her own posts?  Like this -

> >anonymous poster must also supply their email address, poster adds

comment,

> >geeklog generates confirm email to that address, poster must click

> >confirmation link in their email before comment shows up.

>

> I would assume even that could be automated easily: Set up a server, post

> with throw-away account for the domain, parse email, auto-approve self.


It's all about return on investment.  How FAST can they accomplish
something?  Setup a new domain, use it for 48 hours, and you've got 1000+
spams on geeklog sites.

But, setup an email account, submit comment, get confirmation email, confirm
email.  You can botscript that, but combine that with the rest of the hassle
and the spamx plugin, and your window of opportunity gets pretty tight.
They would have to keep setting up mail servers.  If you combine SpamX
blacklisting with the spamhaus RBL-XBL, then they can't use any dialup or
broadband machines for their mailservers.  They would have to use a
legitimate mail server (probably not of their own), which slows them down
even further (as far as botscripting) and narrows their resources quite a
bit.

Rick