Entries tagged 'spam'

in poking around with adding support for comments here, i looked at integrating with the akismet anti-spam service, and the existing php libraries for using it didn’t work how i wanted or brought in dependencies that i wanted to avoid. so i made a simple akismet-api package that just uses guzzlehttp under the hood.

i haven’t made a test suite or added real documentation yet, so you should consider it pre-production, but it seems to work okay.

cleantalk is another anti-spam service that we use for registrations and comments on our store website and their php library is kinda non-idiomatic and strange, too. a reimplementation of that might be in the cards.

a joe job directed at my wife’s domain was the final little push i needed to start migrating all of our mail handling over to google apps. i am not super-excited to put it all in the hands of google, but free is a tough price to beat.

i am also working on shifting the primary dns for all of our various domains to everydns, which i was already using for secondary service (with an unlisted primary). the interface is clunkier than just editing the tinydns data file, but it is one less service i have to worry about.

it seems like an odd choice of addresses to spam, but i noticed i was getting a lot of spam to the address i had listed in the perl who’s who. i changed it to a date-stamped address, and i was getting spam to that address in a matter of days. so now i have changed it again to an address that is pre-configured to bounce everything.

i’ve been reading through old entries on behind the counter, a blog from someone who works weekends at a wal*mart customer service desk. in an old entry, the author links to another blog they started about their experiences dining out.

now that old blog appears to be abandoned — it redirects to another location which just has a captcha form on it, and the page title “confirm that you are a human being... too many artificial requests sorry.”

without giving it much thought, i dutifully typed in the text for the captcha image. and then was presented with another. looking at the source for the page, it looks like i have inadvertently verified that a particular hotmails.com email address is valid on some forum somewhere.

sorry!

if you think mail is a spam, just fucking bounce it. i have now gotten fucked twice in as many months because of gmail filtering really important emails into the spam folder. i really have more important things to do than babysit an overloaded spam mailbox just because gmail’s spam filtering is so pathetic.

to appease my non-technical readers, i will just mention in passing that the breakfast of spam, rice, and eggs is yummy.

on to the technical gobbledygook.

i’m really disappointed by gmail’s spam handling. i listed my gmail address on my about page, so it eventually made it into some spammers list and is now getting inundated with spam. there are 1240 messages in the spam folder, and i get about five to ten obvious spam emails in the inbox every day, mostly lottery and financial transaction scams.

have i mentioned lately how much i hate systems that filter spam into a folder? just bounce the damn messages and let the sender sort it out.

i also get a bunch of spam through my apache.org address. i should figure out if there’s some way i can configure things there to not accept mail that isn’t addressed directly to me. or maybe i should just give up the address when i move on to emeritus membership.

my mail handling could be a whole lot smarter. i started using gmail because i didn’t have to worry about email systems that rejected mail from my system because it didn’t have reverse dns set up, or sometimes end up on a blacklist due to nearby hosts, or whatever. the gmail interface is not bad, but i think i want to get all my mail back into one system.

i have some vague ideas about an amazon s3-backed mail system, but no real motivation to get started on it. i’d also like to write a mail client that behaved like i want. something like a gui mutt with some gmail goodness thrown in.

i noticed last week that i was getting stock-related spam at the address that was only ever given to tdameritrade (when it was just ameritrade). fortunately it’s easy to shut down an address like this and shift to a new one. we’ll see how long that one lasts.

i just got some spam to an email address that was only used for registering at emusic. i hate that.

blo.gs is back from the dead, including search. a quick test of searching for “los angeles” shows a bit of a spam problem, though. and the old stand-by for finding spam: searching for “paris hilton.”

craigh hughes beat me to sharing the thought about the performance of spammed stocks that i meant to — sell them short.

matt sergeant’s article about using qpsmtpd is noteworthy for reasons other than it has my name in it.

i’m still running a pretty minimal set of qpsmtpd plugins since i upgraded by server to ubuntu. my main source of spam is my old college address, which is so ancient that it is deeply embedded in the mailing lists that spammers swap. and apparently they aren’t running very good antispam software at hmc. (i think they expect each user to set up spamassassin on their own.)

here’s an interesting tidbit i picked up from the hmc cs department site: a co-inventor of sql, don chamberlin, is a fellow alum.

from an article in the washington post: “federal regulators accused seven companies wednesday of hiring others to send illegal e-mails with pornographic messages to tempt consumers to visit adult Internet sites. ”

“tempt consumers to visit adult internet sites”? i wonder why they avoided all forms of the word advertise. i guess they needed to sex up the language a bit to make it seem seamier.

i eagerly await the announcement that the ftc has cracked down on the mortgage spammers. i wonder if they will be accused of tempting consumers to visit online mortgage sites.

movalog is a blog about moveable type that has an online store that is apparently just dynamically-generated using the amazon api. this makes it really obnoxious when it shows up in google and a9 searches. just like the zillions of other useless amazon affiliates and shopping comparison sites out there.

according to the definition of search engine spam from tim mayer of yahoo, what movalog is doing is clearly search engine spam. it is redundant with amazon’s own pages that provide exactly the same information.

it is this sort of nonsense that makes it damn near impossible to find actual product reviews with a general-purpose search engine.

the strange german spam is actually the result of a worm/virus, and here’s some spamassassin rules to kill these german messages.

there’s a very persistent trackback spammer who i have managed to complete shut down. unfortunately, my trap for this pinhead is currently set up to email the blocked trackbacks to my email. so every time he does one of his 150 trackback spam runs, i get 150 of these dumb emails.

i need to flesh out my comment/tracback spam blocking a little more so i can flag some of these to just get dropped entirely.

matt haughey noticed a bogus blogspot site in his spam. when i was on the suicide mission known as homepage.com (second-generation geocities), it was software pirates that caused us huge problems with their automated signups. i can imagine it’s only worse with the spammers and scam artists these days.

i’m surprised that blogger doesn’t seem to have done much to prevent this. you can see the automated crap via searches at blo.gs for things like “herbal” and “hilton”.

it would be helpful if services like blogspot published information on sites that are deleted as well as updated, so services like blo.gs, technorati, feedster, pubsub.com, etc could drop the sites from their databases, too.

i left a comment on a typepad-hosted blog, and got the bounce message resulting from the email that typepad sends to the blog owner with the comment. typepad forges the SMTP envelope sender of the message to be the email address used in the comment, and that failed the spf check on the owner’s mail system.

so if you are a typepad blog owner that uses a mail system protected by spf (or other spam measures that make decisions based on the SMTP envelope sender), you can get comments posted to your blog for which you will not see the notification.

(and to be clear, typepad is in the wrong here. it has no reason to forge my email address as the envelope sender. and remember, the SMTP envelope sender is not the same thing as the From header.)

adminshop is a spammer. that is all.