chrispederick.com
Nov
20
Combatting Spam
- General
- 4 Comments
- 2 years ago
I do not get too much spam on this site, but recently I have made a couple of changes in order to combat spam.
Blog Spam
The out of the box spam protection in WordPress is pretty good and I was using the number of links in a comment to put suspected spam in the moderation queue. While this caught nearly all spam it also required manual intervention on my part to check the queue and approve any legitimate comments.
Last month Matt Mullenwegg posted about Akismet - "a new web service that stops comment and trackback spam". I immediately installed the WordPress plugin and since then comment spam has been a non-issue - Akismet has caught every single spam comment with no false positives so far.
Sending Spam
Recently I started getting some strange emails originating from my contact form. Looking at the full email headers it became clear that I was the subject of an email injection exploit and the form was being used to send spam. I am certainly not an expert on this subject, but I thought that I would post a couple of useful links that describe how to fix potential email injection holes in your PHP code.
Firstly, the PHP Mail documentation includes a number of useful tips in the User Contributed Notes section. The most useful tip is a link to a helpful article about email injection. Using these tips and the suggestions from the article I have been able to stop the contact form from being used to send spam.
4 Comments
Hehe - sorry to disappoint! 
Thanks for the heads up on Akismet! I've added it to my blog and it's done wonders.
I ve added that plus the MT black list to my blog to prevent spammers from posting but sometimes it over protects but have not had a problem with it since.I think one day we the blogginf communnity will win the war on spam!
matt law
2 years ago
November 21, 2005
and I was hoping for an article on subversive removal of cans of spam from supermarket shelves .... bummer.