[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: [Axiom-developer] spam attack
|
From: |
Page, Bill |
|
Subject: |
RE: [Axiom-developer] spam attack |
|
Date: |
Wed, 2 Aug 2006 15:18:25 -0400 |
Bob,
On Wednesday, August 02, 2006 2:42 PM you wrote:
> >
> > Are you suggesting that I drop all connections from the
> > complete list of ip addresses that are being used by the
> > spammers?
>
> Yes.
>
> > So far there are about 200 of these addresses
> > scattered over several different subnets so I am not sure
> > that this is practical. And as far as I can tell the number
> > of ip addresses they are using is growing. I could also
> > do something similar using our Apache hosts.deny file but
> > I am quite concerned that these are spoofed ip addresses
> > and do not really uniquely identify the spammers. Blocking
> > all of these addresses might well affect legitimate users.
>
> Only legitimate users that are using a hacked windows box.
> And, good riddance, they should fix their computers.
If this is really being done via zombie net then I guess we
should be happy that is was only a couple hundred, right?
Maybe you are right that this is not such a problem, but
I would feel bad denying people access just because they are
being exploited without being able to give any explanation
even though the chance that any one of these users might
really want to know about Axiom is probably not that high.
>
> > > Then, one would want to remove the ban on regular links
> > > or you would hit legitimate users. I'm assuming banned_links
> > > would contain only the bad URL's/domain names. So in each
> > > case you would get at least one spam.
> >
> > No, this does seem practical either because there are
> > literally hundreds of these domain names.
>
> Yep. Why is that a problem?
The problem as I see it is that using this method we actually
have to let the spam through initially in order to capture
the domain names. And we don't have any easy way to harvest
the banned links from the spam postings and update the
pattern list. So it's an ongoing manual process. Plus I am
not sure how large this list can be practically speaking
since this is processed by Python as a large set of regular
expressions.
Maybe there are some new anti-spam options that Simon has
invented for ZWiki that could help, but merging our modified
ZWiki/LatexWiki code with the new ZWiki code is also likely
to be a serious amount of work. So far I have only done that
on a piecemeal basis.
> ...
Regards,
Bill Page.
- [Axiom-developer] Re: Be Bold, (continued)
- [Axiom-developer] Re: Be Bold, Ralf Hemmecke, 2006/08/02
- [Axiom-developer] Re: Be Bold, Ralf Hemmecke, 2006/08/02
- Re: [Axiom-developer] Re: Be Bold, Kai Oliver Kaminski, 2006/08/02
- Re: [Axiom-developer] Re: Be Bold, Ralf Hemmecke, 2006/08/02
- [Axiom-developer] spam attack, Page, Bill, 2006/08/02
- Re: [Axiom-developer] spam attack, Antoine Hersen, 2006/08/02
- RE: [Axiom-developer] spam attack, Page, Bill, 2006/08/02
- Re: [Axiom-developer] spam attack, Bob McElrath, 2006/08/02
- RE: [Axiom-developer] spam attack, Page, Bill, 2006/08/02
- Re: [Axiom-developer] spam attack, Bob McElrath, 2006/08/02
- RE: [Axiom-developer] spam attack,
Page, Bill <=
- [Axiom-developer] Zwiki update, anti-spam thoughts, Simon Michael, 2006/08/03
- Re: [Axiom-developer] Zwiki update, anti-spam thoughts, Bob McElrath, 2006/08/03
- [Axiom-developer] heads-up, code updates, Simon Michael, 2006/08/12
- [Axiom-developer] Re: heads-up, code updates, Simon Michael, 2006/08/13
- [Axiom-developer] Issues with documentation revisions, William Sit, 2006/08/13
- RE: [Axiom-developer] Issues with documentation revisions, Bill Page, 2006/08/13
- RE: [Axiom-developer] Issues with documentation revisions, C Y, 2006/08/14
- Re: [Axiom-developer] Issues with documentation revisions, M. Edward (Ed) Borasky, 2006/08/14
- Re: [Axiom-developer] Issues with documentation revisions, William Sit, 2006/08/14
- RE: [Axiom-developer] Issues with documentation revisions, Bill Page, 2006/08/14