In the last two days I’ve seen a tenfold increase in the amount of spam being delivered, both that is being blocked, and isn’t being blocked, by Bad Behavior.
While the spam started around the same time as I released Bad Behavior 2.0.7 yesterday, there doesn’t appear to be any correlation between the two. I inspected a few of the spams and they seem like the same old stuff, just cranked into very high gear.
I’ve personally seen over 3,000 spam attempts in the last day, with over 200 missed. This is spam that Bad Behavior is not yet capable of catching without blocking legitimate users as well.
This is why I have been working on the Bad Behavior Blackhole, in order to identify and block spam by its sources, wherever they are.
The Bad Behavior Blackhole is a feature that, once fully up and running, can identify known sources of blog spam and wiki vandalism and pre-emptively block them without affecting legitimate users.
Unfortunately, time constraints have not permitted me to put in much work on Bad Behavior Blackhole, as I’ve had to work on things which bring in revenue. As I’ve said before, while tens of thousands of people use Bad Behavior, only a few dozen have ever actually contributed back.
If you find Bad Behavior valuable, and you want to see this project up and running sooner rather than later, please contribute to its further development.
Thank you in advance for your support.
Update: Slashdot has coverage of the massive spam increase, which is hitting e-mail spam as well.
Bad Behavior 2.0.7 has been released.
I’ve got a nice roundup of bug fixes this time around. Most people should upgrade right away to take advantage of the fixes and additional spam protections.
New in this release (since 2.0.6):
- A bug (apparently in MediaWiki) which caused blank lines to appear on rendered pages in MediaWiki 1.7 has been worked around.
- In version 2.0.6 four blackhole lists were added and incoming POST requests screened against them. Two of these lists generated significant hits in which primarily non-U.S. users who hadn’t actually sent any spam were being blocked. They have been removed. (Once Bad Behavior Blackhole is up and running, the other two may be removed as well, even though they’re performing fine.)
- Two tests which catch some spambots and content thieves which were present in Bad Behavior 1 were inadvertently dropped from Bad Behavior 2. One of the hazards of rewriting something from the ground up. These tests have been restored.
- A check which blocks users behind a Microsoft ISA Server 2004 proxy server, and one other type of proxy server I forget the name of, has been moved to strict mode only. Please disable strict mode if you are expecting traffic from such a source, and please contact Microsoft for a hotfix, if they’ve bothered to fix the bug in their software.
- An additional IP address range for Google has been whitelisted. If you ever receive spam from an IP address owned by Google, please notify me immediately.
- Several additional spambots have been identified and blocked.
Download Bad Behavior now!
As always, if you find Bad Behavior valuable, please consider making a financial contribution. I develop Bad Behavior in my spare time, and every little bit means I have more spare time to devote to its development.
And don’t forget to subscribe to the RSS feed or the mailing list. (They’re the same content.)
Also please note: Due to excessive levels of spam here on wordpress.com, which doesn’t use Bad Behavior anymore, I’ve had to close comments and pings entirely. You can reach me at badbots@nospam.ioerror.us without the nospam.
