Posts Tagged spam
Using Third-Party Apps
Lately I’m seeing a lot of spam user registrations here at iandouglas.com which of course raises the question of whether using a third-party application such as e107 is beneficial to my needs, or if there’s some inherent flaw/exploit/vulnerabili…
Lately I’m seeing a lot of spam user registrations here at iandouglas.com which of course raises the question of whether using a third-party application such as e107 is beneficial to my needs, or if there’s some inherent flaw/exploit/vulnerability that someone’s trying to take advantage of.
I see a lot of this kind of behavior on client sites who have third-party apps running that advertise the CMS/forum software along with version numbers, like phpBB where spammers have learned to read the default ‘captcha’ image and register accounts so that posting spam comments is easier. All they need to do is go to Google and search for “phpBB” with a version number with a known exploit, and Google will happily serve up a list of sites that proudly proclaim “powered by phpBB v1.0.0″ or whatever.
I’m currently using the latest release of e107, but I’m starting to think, again, that a home-grown solution might be more beneficial. There’s so much bloat in third-party apps as CMS engines try to be “all things to all people”. Like my struggle with buying a cell phone that’s JUST a cell phone, CMS application developers keep cramming in features I’ll never use, and offer no easy way to strip them out or disable them.
I’m seriously debating just going back to the ol’ drawing board, like Wile E. Coyote, and just design my own CMS software. I’ve started it in the past and usually gave up because it was a pretty daunting task. Now, with tools like Symfony, it’s a lot quicker and simpler to build scaled applications like that.
It’s not like I need anything terribly fancy either, just a place to write my blog articles, manage my file downloads, and let users register to leave comments. Barely anyone uses my forums any more for support help on the software I write, so I’ll likely take that completely offline in the near future.
Of course, with a new CMS comes the chore of writing a fistful of .htaccess rules to ensure search engines and bookmarks to my site still work by bouncing browsers and bots over to the new URLs. Overall, that’s the easy part of the job…
Spam test
Well, I’ve decided to run a little experiment for a little while. I’m going to put a fake Email address on my site in hopes that spammers will skim the address and harvest it and pass it around… Then, I’ll try to track how many messages get sent to myexperiment@w98.us. As soon as I reactivated my old wild98.com domain, I started getting tons of spam to all kinds of Email addresses that I haven’t used in over 5 years!! Apparently, nobody is filtering their spam lists for bouncing addresses anymore.
Update, June 1 2007: I had shut of wild98.com for nearly two full years and recently enabled it again and it’s insane to see 100+ pieces of spam show up every day to addresses that have been bouncing back to never-never-land for two years straight. You’d think there would be a bigger market for ‘clean’ Email addresses that don’t bounce back…
triple worm threat
Hey folks. PLEASE, for the sanity of everyone close to you: if you get an Email about Saddam Hussein being dead DO NOT open any attachments on the message. There’s a triple worm threat going down that’ll really hose up your machine.
Check out this article at ZDnet for more information.
Recent Comments