Go to previous post:
No, it’s not just you.

Go to Electrolite's front page.

Go to next post:
De vermis.

Our Admirable Sponsors

October 11, 2003

Killing time. If you follow any of my comment threads, you may have noticed posts signed “Lolita,” all of which were stuffed with links to particularly raw and nasty pornography. As of this moment, they’re gone, thanks to our steely-eyed comment-section overseer. We’ll see if they stay gone.

Do understand: I have nothing against pornography. I have everything against people who hijack thirty of my comment threads for their own commercial enterprises. But let’s be completely clear about this. I would be utterly opposed to personally harrassing Guy McFarland, who lives at 9 Dancing Cloud Ct. #42, Destin, Florida, 32541. I certainly would oppose any and all efforts to pester him via his phone number, (850) 269-3388. Goodness, that would be ever so wrong. How we would deplore that. Yes, this is sarcasm. Professional driver on closed road. Don’t try this at home.

UPDATE: As Teresa was deleting them, the pathetic little tools (Phone number: 850-269-3388!) managed to post two more.

You know something? If anything shuts down Electrolite and Making Light, it’ll be this kind of thing. It breaks our hearts. We don’t have the technical chops to fight it, and it’s clear that the world has people ready and willing to fuck us over. Either someone will come up with a non-gearhead tool for blocking this stuff, or no more weblogs from us. (Hello, Movable Type, if you’re not too busy with TypePad.) [11:34 PM]

Welcome to Electrolite's comments section.
Hard-Hitting Moderator: Teresa Nielsen Hayden.

Comments on Killing time.:

spacewaitress ::: (view all by) ::: October 11, 2003, 11:42 PM:

I was unpleasantly surprised this morning with 15 (!) comments from this bastard.

I'm tempted to call him at home and harass him, but fear reprisal.

It astonishes me that there are people out there who think this kind of thing is okay.

Teresa Nielsen Hayden ::: (view all by) ::: October 12, 2003, 12:00 AM:

I already tried phoning. The automated calling system says it's run out of message storage space. I'll try again later. The minute that box is cleared, I'm going to help fill it up again.

I've also sent a letter. Among other things, I advised the proprietor that my advertising rate is $100 per 100-character line, and that any further spams will be taken as a tacit acceptance of that rate, and billed for accordingly.

Greg Greene ::: (view all by) ::: October 12, 2003, 12:06 AM:

Just to help the rest of us fend him off, what's his IP address?

Patrick Nielsen Hayden ::: (view all by) ::: October 12, 2003, 12:21 AM:

Greg: Good question; I should have said.

David Bilek ::: (view all by) ::: October 12, 2003, 12:36 AM:

Are you sure you have the right name and phone number? I'm all for calling up assholes, but the contact info on a DNS listing isn't necessarily accurate.

That IP address looks to be in Utah near Salt Lake City according to a reverse DNS lookup.

sara ::: (view all by) ::: October 12, 2003, 12:54 AM:

I wonder if the incidence of porn spam (e-mail, unwanted posts) is rising as the economy worsens.

I have a Hotmail address (call me an idiot and sucker, but I've had it so long that it would be more inconvenient to update all my contacts with a new one). More and more porn spam is landing in my Junkmail box. I don't post that often on blogs to cause this.

The mentality of porn spammers probably is that some people (maybe many people, despite all the warnings) can be counted on to open it, click, and buy, the way chocolate and donuts continued to sell during the Great Depression.

Lee ::: (view all by) ::: October 12, 2003, 01:04 AM:

You're looking for mt-blacklist. Just about to be released by Jay Allen (http://www.jayallen.org/journey) at http://www.jayallen.org/projects/mt-blacklist. He's good friends with the folks who wrote MT and really knows what he's doing with this stuff. He's also a consultant (currently living in Budapest, so his rates should be reasonable) if you need help with it. Tell him Lee sent you ;-).

a b ::: (view all by) ::: October 12, 2003, 02:02 AM:

The address you posted is not the same as listed on the pages you cite; it should be 4009 Dancing Cloud Court.

Also FWIW, searching on '"Guy McFarland" destin' in Google comes up with a different phone number of (850) 269-2814.

Darren Rowse ::: (view all by) ::: October 12, 2003, 04:08 AM:

this is becoming more and more common - I know of a few bloggers who have disabled comments altogether because they have been targeted by it on an ongoing basis.

Unfortunately I suspect this is going to be a bigger and bigger issue for bloggers.

Bill Humphries ::: (view all by) ::: October 12, 2003, 04:41 AM:

I just ran a lookup on that IP address, it resolves to pfilter2.ikano.com. HTTP GET on that host returns "connection refused".

Ikano sells "Private Label" ISP. So it looks like one of their customers or customers' customer was spamming you.

It'd be worth time contacting Ikano directly. They make a lot of noise about being able to detect spamming behavior. Maybe they need education on comment spamming.

Yonmei ::: (view all by) ::: October 12, 2003, 07:07 AM:

Recently there was a highly successful campaign against a spammer. Naturally it was very wrong, and I wouldn't dream of suggesting that anyone who reads Electrolite or Makinglight would do anything of the kind. No indeed.

Irony, however, is good for the blood.

Fef2rag ::: (view all by) ::: October 12, 2003, 11:11 AM:

The Prattle has been hit too. Charlie has configured Apache to block the whole of 209.210.176.*, so any innocent users of that ISP can't comment either, but I doubt I have many readers in Utah! The site linked to is in the Ukraine.

We've also changed the name of mt-comments.cgi to something else, and remembered to put the new name in the MT configuration file. We will download and install mt-blacklist as soon as it appears!

Patrick Nielsen Hayden ::: (view all by) ::: October 12, 2003, 11:23 AM:

My only reservation is the suspicion that you may indeed have a reader or three in Utah, possibly young people who very much need to read the sort of thing you do...

Fef2rag ::: (view all by) ::: October 12, 2003, 11:35 AM:

The IP block is only for the anything in cgi-bin - they'll still be able to read it, but they'll have to comment from elsewhere.

Charlie Stross ::: (view all by) ::: October 12, 2003, 11:56 AM:

It's at times like this that I'm glad I use blosxom -- a minority pursuit -- and an external comment system. If MT-blacklist works okay I might begin thinking about moving over to MT, but for the time being ... hmm.

If this had happened to me I'd probably drop comments completely, for good.

Charlie Stross ::: (view all by) ::: October 12, 2003, 11:59 AM:

Thinking about a next-gen comment system, how would folks feel about being required to jump through a mailman-style registration hoop before posting? Basically, just to guarantee that (a) there's a real human being behind the email address who really wants to talk and doesn't mind being talked back to, and (b) to ensure that there's a click-through terms of service form in the loop (including "by agreeing to the terms of service of this comment system you agree to pay for commercial advertising at a rate of US $100 per placement" or some such)?

jeremy hunsinger ::: (view all by) ::: October 12, 2003, 12:30 PM:

well jseng from #joiito has a nice spam comment tool for mt at http://james.seng.cc/archives/000145.html it seems to be working for people

adamsj ::: (view all by) ::: October 12, 2003, 12:40 PM:


I'd be for it, with the caveat that a sig line in an otherwise legit post isn't commercial advertising. (I'm on a technical list for data warehousing run by one of the big names in the field, and I think it's unfairly biased in favor of his views by a rule that no one can mention their own books in a sig line.) I'd like to track user activity, and I don't care for Anonymous Cowards.

adamsj ::: (view all by) ::: October 12, 2003, 12:47 PM:

Use this form:


WITHOUT the * (MT ain't Apache) to block the range.

matt ::: (view all by) ::: October 12, 2003, 02:21 PM:

He also seems to be using the IP


Teresa Nielsen Hayden ::: (view all by) ::: October 12, 2003, 02:42 PM:

Charlie, what do you mean by a mailman-style registration hoop?

Teresa Nielsen Hayden ::: (view all by) ::: October 12, 2003, 02:42 PM:

Matt: For sure? Same guy? Say yes and I'll add it to my announcement on Making Light.

matt ::: (view all by) ::: October 12, 2003, 02:51 PM:

Yeah, it's gotta be the same guy -- same stupid shit. I happened to notice when he came back a second time (on a second MT blog on my site; I hadn't added the first IP to the ban list for it) _while_ he was actually doing it, and banned the first IP there, too, and then I checked again and, hey, great, 50 more comments, posted from a new IP. Yay!

adamsj ::: (view all by) ::: October 12, 2003, 03:01 PM:


The mailman mailing list program (used by perl.org and RedHat, among others) requires you to receive and respond to an e-mail at a legitimate e-mail address before you can be added to a mailing list.

A different dodge, used at Slashdot for password resets and a lot of other places, is to respond to a posting with a graphic showing a few alphanumeric characters. To send the post through, you have to type in the characters and submit again. It uses a graphic rather than letters so that you can't just parse the response and reply. (Eventually, someone will beat this with OCR.)

What Charlie is saying comes down to some form of low-work user verification or registration.

It's a good idea, or at least is not a bad idea.

The O'Reilly weblogs have begun to suffer, in my opinion, by the decision to allow anonymous postings. They clutter Slashdot, too, but Slashdot has user settings and reputation rankings.

(I'm still waiting for a setting that lets me change the message from "28 messages below your current threshold" to "28 messages beneath your current level of dignity".)

Alison Scott ::: (view all by) ::: October 12, 2003, 03:03 PM:

This is happening to me too, and I'm very miserable about it. I'm off on a residential course tomorrow; I don't want to disable comment posting on Macadamia, and I fully expect to come home to new comments on every single posting.

If we don't crack this problem, it will stop me blogging, or at least stop me blogging with open comment threads. I'm not prepared to have links of this kind hanging off my site.


Mike Scott ::: (view all by) ::: October 12, 2003, 04:41 PM:

There are some MT-specific tips on blocking comment spam here: http://cheerleader.yoz.com/archives/000849.html

Mike Scott ::: (view all by) ::: October 12, 2003, 04:42 PM:

Let me add a real link to the article I just mentioned. Sorry, too used to LiveJournal and phpWeblog comments which turn URLs into links automatically.

Brian Hess ::: (view all by) ::: October 12, 2003, 04:46 PM:

Adam Kalsey has been talking about this problem lately as well; some of his info might prove helpful to you:




Ken MacLeod ::: (view all by) ::: October 12, 2003, 04:47 PM:

Yonmei: Recently there was a highly successful campaign against a spammer. Naturally it was very wrong, and I wouldn't dream of suggesting that anyone who reads Electrolite or Makinglight would do anything of the kind. No indeed.

You know, when I followed that link, I was kind of disappointed. I had hoped to read that this guy had been beaten to death in public and his home burnt to the ground. I'm (no irony) surprised that nothing like this has happened yet, and while I wouldn't dream of advocating it, I can certainly dream of it.

Charlie Stross ::: (view all by) ::: October 12, 2003, 06:32 PM:

(Just back from delivering a friend to the local hospital A&E unit -- acute but non-serious kidney infection. Got home to discover every space within a quarter of a kilometre occupied by a badly-parked tourist. It's been that kind of day.)

Y'know, I am very disillusioned with computery things and this whole interweb business right now. (And yes, this is Charlie the gadget-junkie with the comp. sci. degree writing.) I'm getting more spam -- by volume -- than legit email, and I subscribe to some high-volume mailing lists. Maintaining a web/news/email server is becoming more and more of a painful round of applying one security patch after another, with little reward in sight.

I sympathize completely with Ken's sentiment, with the added caveat that I remember foaming at the mouth when the original Green Card spam went round usenet in '93 or '94. I don't see it getting any better, even if legislation is passed world-wide under the imprimatur of the WIPO (which'd be the first goddamn' useful thing that organization has ever done, if they'd get around to it). With news like this showing up I am not sure the internet is long for this world.

Next week I'm going to buy a new computer -- one too primitive, crude, and unusual to be a credible target for worms and viruses. I'm also going to quit the computer journalism field for good and focus on fiction. Who knows? Next thing you know, I might even be giving up the cable modem and the colocated server ....

Lisa Williams ::: (view all by) ::: October 12, 2003, 07:21 PM:

I do hope that you try MT-blacklist before giving up, or failing that, that you continue to blog, just for the time being without comments available. I really value reading your weblogs.

Lisa English ::: (view all by) ::: October 12, 2003, 11:47 PM:

I hear ya, Patrick, Teresa, and all.

IMHO, this nonsense is far worse than being called by some telemarketer during the dinner hour. It's time for a National No-Spam List, me thinks.

Despicable peckerwads, they.

I first encountered this lame brain marketing technique last year, but in all of the past 12 months, I've probably received no more than 20 such spams. Now? It's through the roof.

Last night, I returned to the weblog after being away a couple of days to discover enough comment spam to keep me at the keyboard - locating the porn/zipcode/jewelry comments, deleting each comment and associated post - for nearly an hour. Then there's the wasted 20 minutes here and 20 minutes there, spent Googling a solution. Tonight? Same business, so...

Flaming, spitting bullets and otherwise furious, I went into templates and commented out all of the comment-related 'plates. I continued adding to the ISP Banned List, and then reconfigured comments with no HTML. So far, so good --- for all of five minutes.

The lunatics STILL got in. Now...they're putting their nasty ass links in the URL window. So...back to the drawing board, I removed the URL window from comment input and preview. It's been two hours and I'm crossing my fingers.

Ordinarily, I'm not big on comment registration models, but after this latest experience, I want a freaking comment condom, featuring barbed wire and electric shock installed.

Yonmei ::: (view all by) ::: October 13, 2003, 05:10 AM:

You know, when I followed that link, I was kind of disappointed. I had hoped to read that this guy had been beaten to death in public and his home burnt to the ground.

Ken, no irony, I would be disappointed if something like that happened. These people are thieves - they steal our time and our resources for their own profit. Thieves deserve to be banged up where they can't steal, or - if that's not possible - to have the tables turned on them so that they lose what they stole from us. Harassing a spammer with loads of junk mail seems intrinsically perfect to me; take from him what he took from us.

dop ::: (view all by) ::: October 13, 2003, 05:32 AM:

You know the end of "Jay and Silent Bob Strike Back", where they hunt down all the people who slagged them off on the internet and beat them up?

I really wish we could do that with all those spamming bastards. Descend on their houses with the flaming torches. It's time...

mobythor ::: (view all by) ::: October 13, 2003, 07:34 AM:

Don't let these little dinks win, I read and value your blog when I have time to surf...

Chris Noto ::: (view all by) ::: October 13, 2003, 08:04 AM:

I'd much rather have you go with a "verified registration before commenting" protocol than to give up comments altogehter, as Warren Ellis has recently done.

anders ::: (view all by) ::: October 13, 2003, 11:20 AM:

Ken MacLeod,

maybe this is more to your liking.

spacewaitress ::: (view all by) ::: October 13, 2003, 11:26 AM:

You know, when I followed that link, I was kind of disappointed. I had hoped to read that this guy had been beaten to death in public and his home burnt to the ground. I'm (no irony) surprised that nothing like this has happened yet, and while I wouldn't dream of advocating it, I can certainly dream of it.

My sediments exactly. While I do not normally consider myself to be a violent or vengeful person, I was surprised at the intensity of my anger at this spammer and my desire to see him dealt with in some way.

My feeling is that anyone who thinks it is okay to invade someone's space in this way for commercial purposes has to have something wrong with him. The level of disregard for others that would allow someone to do something like this is nothing short of pathological. They need to be jailed, counseled, or in some way made to stop. (The other day, when the spam first appeared on my blog, I decided the ideal way to make them stop would be a shooting. I've cooled off some since then.)

Mac Thomason ::: (view all by) ::: October 13, 2003, 12:36 PM:

My theory for some time has been that these bastards are not actually selling anything anymore. Their entire reason for existing is simply to ruin the Internet for everyone else. They probably work for Disney.

A national no-spam list is so obvious an idea that it will probably never happen. A lot tougher to enforce than the call list anyway.

Nancy Lebovitz ::: (view all by) ::: October 13, 2003, 07:00 PM:

Mac, I've been suspecting for a while that there's an element of spite in a lot of spam. It's not just about money.

I agree that there's something broken about spammers, especially the ones that specifically target conversation--while email spam is bad enough, I count spam with fake subject lines as considerably worse, and put comment spam in the same category.

I'm not sure what's best to do about spammers, or even how the laws against spam should be written--I've heard that there are European laws against spam, but I don't know what's in them or how well they're working.

Emotionally speaking, I want the large scale spammers dead. Unfortunately, spammers are *very* good at concealing themselves and getting other people blamed. The false conviction rate is likely to be even higher than it is for non-computer crimes. There's nothing like thinking to damage a good revenge fantasy.

Keith Thompson ::: (view all by) ::: October 13, 2003, 07:45 PM:

I just did a reverse lookup on the (850) 269-XXXX phone number you posted (Googling a phone number does a phone directory lookup). It appears to belong to someone who lives about 45 miles away from the address you gave for Guy McFarland.

If I were going to use my domain to post porn spam, I wouldn't put my real phone number in the DNS entry.

Patrick Nielsen Hayden ::: (view all by) ::: October 13, 2003, 10:10 PM:

In fact, I installed Jay Allen's MT plugin (subject of the Slashdot link posted by John Hoffman above) an hour ago.

So far, it looks pretty slick, but the insta-delete email link doesn't work for a few people, us unfortunately included. Also, basic MT rebuilding has slowed to a crawl. I've described both problems in comments to Jay Allen's site. Given that he appears to have spent the last 48 hours crashing out this piece of work without a break, I think we can wait a little while for him to file off the rough edges after he's had some sleep...

Dave Pentecost ::: (view all by) ::: October 13, 2003, 10:32 PM:

Take a look at the scriptygoddess
site for a roundup of anti comment spam tips.

Dave Bell ::: (view all by) ::: October 15, 2003, 05:55 PM:

Some not entirely unrelated thoughts on spammers...

Email is getting horribly slow and unreliable via Demon in the UK. There's been a report of a growth rate in email traffic of 20% per month, compound! Any checking scheme based on email could be a non-starter as a consequence.

It's not just the spam, it's the worms, and the way they're taking over innocent (naive?) machines to do spam runs. The spammers have parallel processing, and that's blowing a hole through the brute-force technical solutions, such as faster hardware to handle mail.

I'm disposing of over 98% of my incoming email.

The one bright spot is that the Orient Express is running again between Istanbul and Paris, and we'd only need to buy a spammer a one-way ticket.

The Orient Express would be such a luxurious venue for a Blogger-Con, wouldn't it.

Amit Patel ::: (view all by) ::: October 30, 2003, 08:16 PM:

Comments are not the problem. URLs are the problem. Take out the URLs and the spammers get no pagerank from you, and there's no reason for them to spam anymore.

adamsj ::: (view all by) ::: November 02, 2003, 10:46 AM:

Take out the URLs and you also don't have the Web.

Alan Bostick ::: (view all by) ::: November 02, 2003, 12:22 PM:

adamsj, we're talking about blog comments. The functionality of the Web as a whole, or even the blog as a whole, is not at stake.

The Web is too "functional" as it is. I, for one, would be much, much happier if the barrier between email and the Web were higher, i.e. if brainless fools in Redmond, Washington, weren't so committed to everyone's having email clients that instantly load megabyte-sized graphics of h0t t33ns, to say nothing of spyware or malicious applets, the moment they are opened.

adamsj ::: (view all by) ::: November 02, 2003, 02:23 PM:


There's something to what you're saying. Still, I'd rather have the functionality of URLs in comments.

Alan Bostick ::: (view all by) ::: November 02, 2003, 05:44 PM:

So would the spammers.

Jeremy Leader ::: (view all by) ::: November 03, 2003, 01:23 PM:

I see 2 reasons for spam in comments:

1. To produce lots of in-bound links to a page, to get Google and other search engines to think the page is popular, and so boost the page's PageRank.

2. To get humans to go look at the page.

URLs put in comments by honest folks are there for reason #2, but not #1. So anything that prevents #1 will go a long ways towards de-motivating comment spam. You could use robots.txt to keep your comments from being indexed, or I think there are no-index tags you could put in the comments pages themselves. After all, to a naive search engine, all the pages on your site express your opinions about the relative importance of other pages; you need to tell the search engine that some pages don't represent the site-owner's opinions.

Allowing textual URLs, but not links, would eliminate #1, and would limit #2 to those people knowledgable and determined enough to cut and paste the URL. I like to believe that spammers' preferred prey are neither, so again this would lower the spammers' incentives.