Kitten

This is fixed in CVS.

https://comox.textdrive.com/pipermail/cvs/2005-January/000873.html

1. It’s just a little blurb of HTTP send to a server.

2. In the box on the Advanced Edit page that’s labled “trackbacks.”

3. That’s up to the person, but there’s a link right above the comments section for your trackback URL to that post.

4. It’ll show up like a comment, but formatted slightly different.

Please use the plugins repository for bug reports.
https://dev.wp-plugins.org/newticket

look for “CREATE TABLE” statements, and see if anything is goofy in that general region. Start with upgrade-schema.php in wp-admin.

Strange. It also seems that you’re installing WP-MultiUser, is this right?

The slash is your problem, it’s in there somewhere.

Couple of quick notes, welcome to the world of captcha design. Don’t reinvent wheels, there’s lots of material on the subject.

Also, your urlencoded string that you pass to the form processor is the same as used to generate the image. Try moving to a hash of a time sensitive shared secret, which will prevent your captcha from being reverse engineered.

This is the problem that the trencaspammer (sp?) captcha had a while back.

And realise that you’ve just prevented anyone who is blind or has poor eyesight from commenting on your blog.

Keep working on it, a variety of anti-spam solutions in the ecosystem is healthy.

Speaking of revenge…

v2 of Spaminator has an interesting, but dangerous feature: it sends an email to the ‘abuse’ and ‘admin’ addresses of the domains used for the spam. I’ve been playing with different implementations, but updating the mainline has been more important.

Having the mailback enabled could have the side effect of you being labeled a spammer. But I think I might be able to get it to a point where that danger is minimal.

Obviously, I’ve not released this yet.

I could see the blog spam being indirect email spam. Which is funny because my email program (Evolution) is set to pipe Spaminator emails through a logging script then delete it.

So out of the 3000+ Spaminator emails I’ve received, I’ve hardly seen any of them

wp_/wpmu

it looks like you have a slash in the ‘table prefix’ part of your wp-config.php file. Make sure it’s just wp_ there, and retry.

I’ve been thinking about this for a while, (probably more than most, given the time I’ve spent on plugins) and if you really want to venture into tin-foil hat country, the spam problem might even have deeper roots than it seems.

Observation #1: Very few blogs have visible spam, regardless of what’s piled up in the mod queue, visibility counts.

Observation #2: People (site owners, not necessarily the actual spammer) promoting a business tend to look for results.

Observation #3: IP log analysis from Spaminator results shows a large variety of IP addresses used.

:.

The average joe that wants to make money with his website, doens’t have the resources/knowledge to spam a large amount of blogs. He wouldn’t be able to vary his IP so drastically, either.

So, he has to hire someone, the spammer, with his spambot software and access to zombied proxies to send it from.

The spammer has a nice scam going, and he’s working both ends of the table. One, the site owner sees a need to “get the word out” and the spammer is the go-to guy for that, supposedly. Also, the spammer doesn’t care about his comments are moderated, because he’s not looking for results, he’s just looking to show that x amount of comments were posted and he can get his fee.

So the site own has been duped into thinking that he’s getting pagerank, but really only paid for his door hangers to get tossed into the dumpster. If he doesn’t get pagerank from the spamming, he’s unlikely to continue. The spammer must find more paying “victims.”

This explains the spam that comes in spurts, the site owners don’t get results, and give up. But what about the consisten spam that pours in rain or shine?

On example from my site is the ‘byob’ spammer, (if you’ve been hit, you’ll notice that signature in the email address used in the comment). He’s been attacking my site for over 2 months, and has been directly responsible for several improvements in Spaminator.

I can only come up with two reasons. He’s got his own botnet, and is trying to “make it up in volume,” or he has another plan in mind.

Could spammers like this be working to simply harass blog owners? With the goal in mind of damaging part of the blogosphere to the point that comments are shut off on a majority of blogs?

I have no idea why, but it seems like a good of explanation as any. Blogging is disruptive media, and maybe we’re under an orgainsed attack. It’s hard to say, but it’s a theory that I’ve not seen discussed before.

Any ideas?

Despach0,

You have to build up your words list, for that I have a plugin, Kitten’s Spam Words, that parses your spam and pulls out domains, IPs, & emails for easy insertion into your words list.

Once you’ve deleted comments “as spam” you’re on your way to building up a custom word list.

Everyone gets different spam, so there’s no one-size-fits-all solution, you have to build up your list as you go.

Yeah, most likely you got some white space in the file where you copied it out of the repository.

The reason you’re not seeing errors is because your host has php set to not display error messages for increased security. Otherwise you’d probably be seeing “headers already sent” errors.

I’ll make a .zip file release available later today, since you’re not the first to have this problem.

Now: 1.0rc6

Installer bug fixed, was my fault. Lax QC, sorry for the trouble.

Strange, I built the interface using a current CVS checkout. It’s using standard WP API calls to manage the options.

Could you guys poke around in your database and look for 2 new entries in the options table?

spaminator_status & spaminator_settings

Look me up (MooKitty) on #wordpress later, and we can do some more troubleshooting.

Edit:
Just a thought, since I want the form to come back to the same page, and the plugin options pages use a GET, I’m using action="" in the form, so that might be a browser thing. I’ll have to generate the URL and see if that solves the problem.

Sorry for the ugly hack.

Now closed.

All requests for pages will be redirected to:
https://mookitty.co.uk/devblog/index.php