Comment spammers never cease to amaze me…

…with their willingness to be complete assholes.

Some dipshit took the time to post a massive comment spam to this entry on Jenkins Online that had over 80 links to various galleries at a gay porn site. The entry in question was in regard to the memorial photo album I set up in our gallery for my friend Bill Owen who was killed over a year ago in an auto accident. Now I have captchas set up so this means the asshole had to sit there and make the entry by hand.

How much of a prick do you have to be to attach a porn spam to an entry about a photo gallery in tribute to a dead friend? I wouldn’t be nearly as offended about this if it had been the result of an automated script, but this was someone making a conscious decision to pick that particular entry for their attempt at increasing their Google page rank. I really wish you obnoxious fucks would grow the hell up and stop being such greedy little shits that you’re willing to do anything to increase your page ranks. I don’t begrudge you guys being able to offer your services online, but keep it the hell off of my sites where it does not belong.

6 thoughts on “Comment spammers never cease to amaze me…

  1. It is astonishing!

    I hold spammers in utter contempt, but I rest secure in the knowledge that amorality is no path to happiness, and that their worst punishment is having to be them.

    With that said, I have to wonder about your assumption that this is not a bot. I cannot imagine a spammer’s having the discipline to do this unless for personal reasaons.

    I suspect a bot. As I’m sure you know, there are some ingenious CAPTCHA workarounds, such as posting the CAPTCHA to a free porn website where there is an endless queue of horny geeks waiting to type the answer to see free porn. This can be an almost instant “automated” response allowing the bot to then submit your CAPTCHA.

    I don’t know that this is in use against EE sites yet (we’ll know soon if it is), but my money is on a bot and some CAPTCHA workaround. Guess we’ll see, and honestly, I’m not sure which is worse!

  2. I’ve yet to have comment spam on my EE powered site … god knows I had a ton of it when I ran MT … this is just low though.

    Considered moving to a moderated model for non users, and forcing people to register to comment?

  3. Registering comments wouldn’t be such a big deal but reading Les’ post just left me ticked off.  I mean, how crass can you get.  This was just an afront to human dignity.  It’s tiring making concessions to malcontents when all I really want is spend a little one-on-one time with them in a locked room. 

    If your ‘product’ needs to be force fed to people in order to generate revenue then you either: A- Need a new product, or B- Suck at marketing.

  4. There’s a slight possibility that somebody went to all that trouble because they were targeting Les directly.  Which would explain the extreme insensitivity of posting it where they did.

    On the other hand, spammers NEVER give a shit about anybody but themselves.  That’s why they don’t even bother with learning real marketing.

    (captcha:  done)

  5. I don’t want to force people to register in order to comment unless there’s no other choice. The captchas are working pretty well for the most part and this makes all of, what, three or possibly four comment spams since the move to EE? Not really all that much to complain about.

    Honestly, I was more pissed off over the choice of entry to attach the spam to than I was with the fact that they spammed the site. One of the nice features of EE is that it specifically prevents duplicate comments from being entered so simply copying and pasting the same comment spam repeatedly wouldn’t work. It’s also why you may have noticed I’ve not had to delete anyone’s duplicate comments lately. Captchas and duplicate comment prevention are just two of something like five different means of preventing comment spam in EE.

    Captcha = results.

  6. I know on my (still) MovableType powered blog, I’ve got a hidden field which encrypts the IP address (and various other details) of the person that _requested_ that page. The form has been tweaked so if that field doesn’t exist, the form is instantly rejected. It’s quite interesting to see that spammers have a tendency to request the page once from a single IP, but submit the form from multiple IP address: it might be worth doing a “match up” on that: if the IP address of the page requester doesn’t match the submitter – then block it. Combine that with blocking known anon proxies and maybe even rate limited (you _attempted_ to post recent but the IP address didn’t match – ban ALL IP addresses that were associated with that from submitting for a while).

    Finally to get around the potential “captcha on a third party site” problem (which, given long enough, might be able to work out which word corresponds to which captcha code), just “brand the captcha” – have the actual text say “To submit this comment to StupidEvilBastard – type in the word given below”.

    Oooh – I’ve just had a brilliant idea! Along with the captcha, have the Submit button as an image button but with a “click square” in it (it could just be a black bar with the ‘submit’ button placed differently along with bar) – if they don’t click on the right place on the image, then the post is rejected. Combine the captcha, “submit image” and the IP address+browser used into an additional hidden encoded field – and if the data doesn’t match – do the multiple IP address block thingy.

    Just don’t ask me to implement it all for you – my developmental schedule is packed, so it’s ideas only at the moment…

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.