Re: Comment Spam: new trends, failing counter-measures and why it's a big deal

[James Kehl <shykta () dione ids pl>]

On Mon, 13 Feb 2006, Gadi Evron wrote:

> Dude VanWinkle wrote:
> > On 2/12/06, Gadi Evron <ge () linuxbox org> wrote:
> >
> > Can you provide some of the domains used for spamming? I was just
> > wondering if their whois registrations are similar. If so, it may be
> > possible to generate a PTDL (Possibly Throwaway Domain List) based off
> > of a bot crawling the whois database for similarly registered sites.
> >
> > Plz let me know if this is a stupid idea and why.
>
> Nope, a good one. Blacklisting for domains works well. :)

What about honeypot blogs / entries? Spammers themselves have given us all
the techniques needed to produce text that a computer thinks is legit.
Anyone who comments on such an entry, though, can be easily identified as
a bot or a moron, and worthy of a ban :)

Some central blacklist service (ala RBL) that people could link their
blogs to would also help - if you can only produce one spam, worldwide,
for each domain registration, then you won't be such a happy spammer.
Is there anything like this already?

James
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.