Damned spammers. Looks like a big batch of drug-spam just went out with my personal email forged as the sender. The number of backscatter messages I’ve gotten today exceeds the number of spams that usually make it through to me in a week. Why? Because my anti-spam measures are mostly about blocking messages from “bad” mail servers, and backscatter comes from “good” mail servers. I’m laying a lot of ironic emphasis on those quotes around “good” because I shouldn’t be getting those backscatter messages at all.
You know, I have yet to actually try Twitter, but if this is the kind of thing people say on Twitter then it’s OK with me!
As I hinted in my report several days ago about this server suffering a DoS attack, I’ve taken some measures to prevent a repeat occurrence. One of them was to install the mod_evasive Apache module, which was suggested by a number of people. (There’s also mod_security. It’s way more complex than I need right now, but would be worth looking at for a busier server.) Initially I was skeptical, since mod_evasive doesn’t seem to be a very actively maintained project.
Other than using Akismet, the anti-comment-spam measures I have in place here are pretty primitive. I block some common patterns and blacklist some IPs. (I don’t have plans to make it any more sophisticated since I’ve told myself any new blog engineering effort needs to go to the new Django-based version, not the old PHP5 one.) I was looking at server logs this week and noticed an unusual number of POST requests, then realized that they were foiled comment-spam attempts.
One of my neglected side projects, purportal.com, features a “Scammy spam library” where I share the text of scam emails I’ve been collecting. Today it reached the 1000-specimen milestone, so I wrote a little script to count word frequencies. The raw list reads like some of the less coherent messages itself: account email our please ebay me paypal information bank any address through contact security am money funds us million…