Kimler Sidebar Menu

Kimler Adventure Pages: Journal Entries

search cloudRandom Searches
random top 40

A Target on Your Blog

Filed in:b2evo
Web Dev·The Web

A Target on Your Blog

May 9th, 2006  · stk

How about this: Software that targets b2evolution blogs and ONLY b2evolution blogs! We're talking comment SPAM here, folks. Ever wonder why you spend so much time deleting comments from your blog? Find out more ...

b2evolution Comment Spam Software

b2eblogger

Did you know that you can buy software specifically for spamming b2evolution blogs? How about that "howdy-do" with your morning coffee? Just think of all those SPAM messages you spend time deleting from your blog. Perhaps many are coming from this software?

It's enough to make steam come out of your ears.

Of course, if the programming is crafted as well as the banner ad (notice the spelling error?), then b2evolution owners don't have too much to worry about.

BlogVerSpamming Software

reverse ip

Last December, just for fun, I downloaded and tested a SPAM program (euphemism: bulk marketing tool). I did it to see how it worked and I learned a few things.

Spammers have been busy since then, marketing spamming tools for targeted audiences. Our b2evolution blogging software is one such target. Why? Because it's easy to spam? Because it has a world-wide audience (and Google loves links from different geographic areas)? Because it's widely distributed and used? YES ... YES ... and ... YES.

Don't feel like b2evolution is being picked on. You can also buy SPAM software expressly for Word Press. One I particularly like, is aimed at Blogger. On a tutorial page for the product, is the claim that every blog to which their software posts, is done at the permission of the blog owner.

Blogger.com is very well aware of Blog Submitter Pro! They know exactly who we are, exactly what we do, and exactly why we do it…. And They Do Not Mind One Little Bit

These software packages are not inexpensive. The price point seems to be in the $250 USD range. (Ironic, really, considering that they're piggy-backing on top of free, Open Source software. Think these people ever donate to b2evolution or Word Press? They should. ;) )

The concept is simple. By putting unwanted links and keywords in comments and trackbacks, marketers gain Search Engine page rank by generating back-links and site traffic from unsuspecting clicks. I call these deplorable methods - "BlogVerSpamming".

Does "black hat" search engine optimization (BlogVerSpamming, Comment Spamming, Trackback Spamming) work? Unfortunately, it appears to, which is why there is a market for it. One review indicates receiving more incoming links and traffic.

Digging a Tad Deeper

Using some of the domain tools available on the Internet, I did a WHOIS database search on the b2evolution BlogVerSpamming site B2E Blogger. What I found out was interesting.

The IP address (216.171.218.222) emanates from a California location (Loomis, near Citrus Heights, just outside of Sacramento) called "Marketrends Productions". They've hidden their contact information behind the domain registration company "Domains by Proxy, Inc.". A reverse IP look-up shows that there are 44 other sites that are hosted from the same server.

WP

The domain names on that server read like a who's-who of comment SPAM and several are worth noting. Anyone who thinks the software I've written about in this article represents a bunch of different people ought to look again. Every one of the domains linked is hosted on THIS server. In fact, the main site name spagack is a redirect to Marketer SOS, where you can see nearly full-listing of available software. My guess is that they all use a similar engine, with only a few changes for each one. They talk about 3 new software packages coming out, but I'm taking a guess that two are a "Shout Box" Spammer and a Drupal Spammer.

There's nothing worse than a snake oil salesman, selling to other snake oil salesman. I feel greasy, just visiting the site!

The really funny part? They're an equal opportunity company, as they also offer "legitimate" web hosting (but it only looks like there have been a few takers). Most are "Black Hat" SEO related.

What Should You Do?

Regrettably, it's beyond the scope of this article to discuss anti-spam measures. (And the last place I'd publish them publicly, would be in a post like this). Know that me and my mates are working on the problem, testing things and so far, the results look very promising. We've actually killed the blacklist on our site and no longer rely on any of the "out-of-the-box" b2evolution SPAM solutions. At the same time, we allow links in our comments, don't make commenter's jump through any hoops (captcha), and have our comments open to the entire world. So there ... take that spammers! Yes, we still get the occasional (manually entered) SPAM message, but it's on the order of maybe 2 a month. Nothing dramatic. I guess manually entering SPAM isn't as "inexpensive" as paying $250 for an automated version.

I suppose, in a way, this article gives the spammers what they want (backlinks from a legit blog), but perhaps, in return, they'll give me more of what I want ... automated SPAM comments for study! (Oh ... the images on this page are served from their site! Since they feel no compunction regarding abuse of my bandwidth, I thought that I'd return the favor!) ;)

(Permalink)
Views: 15406 views
8 Comments · GuestBook
default pin-it button
Updated: 20-Jun-2011
Web View Count: 15406 viewsLast Web Update: 20-Jun-2011

Your Two Sense:

XHTML tags allowed. URLs & such will be converted to links.


Subscribe to Comments

Auto convert line breaks to <br />

1.flag Brent Comment
05/10/06
Interesting article. I wonder why the powers that supposedly control this sort of thing haven't yet shut them down.

If you can track them I am certain that the Legal beagles can.

I like the process of forcing real email addresses and typing in a random code image because then there can be no automated posting.

I personally am happy to jump through those hoops.

Mostly though I use white lists rather than black lists, they're easier to maintain, more accurate and block all spam.

Good luck with the fight.
2.flag stk Comment
05/10/06
Brent,

Glad you like the article. I'm not sure though, just who those "powers" are and legal beagles need $$ to pursue anything.

You can't really force a real email address (other than requiring one and maybe checking the format). Anyone can type in a fake one (and often do).

CAPTCHA is a good hurdle, but it's been defeated and sometimes there's confusion between "0" and "O" or "l" and "1".

I'm not a fan of making users jump through ANY hoops, no matter how small. Lists (white or black) are problematic because they're only yes|no (no logic), tend to create a lot of overhead and become obsolete.

We're designing an intelligent system that is flexible and learns. We're aiming to turn the tables - we want spammers to need a blacklist.

-stk
3.flag Vincent Comment
05/10/06
Scott: Thanks for an informative article!

Hopefully b2evo will come out soon with way more spam preventative measures to help protect us, but I really don't see it happening by itself. We've had the centralized blacklist (now down) and really no other methods for quite a while that was built into the software to help. I see a MT-spammed-to-death situation hitting us eventually since development has not kept pace with spammers. I've seen the lead we had versus spammers get wiped out by no new releases to help for a while.

Do you see the situation improving for b2evo anytime soon? Or will it have to come as a result of users themselves instead of the developers?
4.flag stk Comment
05/10/06
Vincent,

I'm more frustrated than most, perhaps, at the time that it's taken for the beta release of Phoenix. However, I know that the core code is being completely re-written to be Object-Oriented. This is not a small endeavor.

When released, the next version will more easily allow user-developed plug-ins, like WP. This is a good thing and I'm sure that there will be Anti-SPAM plug-ins (developed by both developers and users) that will help.

YESI see the situation improving GREATLY, after the beta release of Phoenix is out and folks have upgraded.

At AstonishMe!, we're working with the CVS (interim code) and developing a bunch of plug-ins NOW, that will be available for release, just as soon as the final production release is out.

Believe me, there's a lot going on in the background. b2evo is FAR from being static!

5.flag Vincent Comment
05/10/06
Hey Scott, thanks for the ray of light in the dark cloud! I hope it turns around soon and we see releases that will help before we're overcome. I don't mind life preservers, I just dislike them over lifeboats. :)
6.flag dAniel hAhler Comment
05/10/06
Scott, you could/should use rel="nofollow" with the links to the spam software sites.

Regarding the next version of b2evolution, there will be a lot of improvements against spam: we already have some plugins and will have a "basic antispam plugin" which ships with the core.

We know that we're late with this however.
7.flag stk Comment
05/10/06
dAniel - Good point about the "nofollow" link attribute. Done.

It may be late ... just make it great!

Reference: [ Google Introduces "nofollow" ]   [ rel=nofollow attribute ]
8.flag Vincent Comment
05/11/06
I second the "make it great"!